Skip to main content

CVE-2024-1303

Description

Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality.

NVD
Severity: N/A
CVE ID: CVE-2024-1303
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.
Spanish National Cybersecurity Institute, S.A. (INCIBE)
Severity: MEDIUM
CVE ID: CVE-2024-1303
CVSS Score: 6.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Refrence: NVDMITRE

Proof Of Concept

guillermogm4

POC Badgermeter moni tool - CVE-2024-1303

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8