cbcvebase.
CVE-2024-29010
published 2024-05-01

CVE-2024-29010: The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of…

PriorityP338high7.1CVSS 3.1
AVNACLPRLUINSUCHILAN
EPSS
0.62%
45.3th percentile
The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions.

Affected

1 ranges
VendorProductVersion rangeFixed in
sonicwallgms
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.