cbcvebase.
CVE-2024-37728
published 2024-09-10

CVE-2024-37728: Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain…

PriorityP352high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
1.85%
76.5th percentile
Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.