Cires21 C21 Live Encoder And Live Mosaic vulnerabilities
2 known vulnerabilities affecting cires21/c21_live_encoder_and_live_mosaic.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2024-0643P2CRITICALCVSS 9.8v5.3 2024-01-17
CVE-2024-0643 [CRITICAL] CWE-434 CVE-2024-0643: Unrestricted upload of dangerous file types in the C21 Live Encoder and Live Mosaic product, version
Unrestricted upload of dangerous file types in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnerability allows a remote attacker to upload different file extensions without any restrictions, resulting in a full system compromise.
nvd
CVE-2024-0642P3CRITICALCVSS 9.8v5.3 2024-01-17
CVE-2024-0642 [CRITICAL] CWE-284 CVE-2024-0642: Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnera
Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnerability allows a remote attacker to access the application as an administrator user through the application endpoint, due to lack of proper credential management.
nvd