CVE-2024-38824

Severity

7.5HIGH

EPSS

0.4%

top 40.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJun 13

Description

Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:NExploitability: 3.1 | Impact: 5.8

▶PyPIsalt3007.0rc1 — 3007.4+1

▶CVEListV5vmware/salt3006.x — 3006.12+1

▶NVDsaltstack/salt3006.0 — 3006.12+1

OSV

Salt vulnerable to directory traversal attack in file receiving method↗2025-06-13

▶

OSV

CVE-2024-38824: Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory↗2025-06-13

▶

CVEList

CVE-2024-38824 salt advisory↗2025-06-13

▶

GHSA

Salt vulnerable to directory traversal attack in file receiving method↗2025-06-13

▶