cbcvebase.
CVE-2024-26261
published 2024-10-14

CVE-2024-26261: The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote attackers still can…

PriorityP355critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.68%
47.7th percentile
The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote attackers still can download arbitrary system files, which may be deleted subsequently .

Affected

5 ranges
VendorProductVersion rangeFixed in
hgigaoaklouds< 11621162
hgigaoaklouds-organization-2.0< 188188
hgigaoaklouds-organization-3.0< 188188
hgigaoaklouds-webbase-2.0< 10511051
hgigaoaklouds-webbase-3.0< 10511051
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.