Server-Side Request Forgery in WISI Tangram GT31 HTTP Request Handler
CVE-2024-12989

Currently unrated

Key Information:

Vendor: WISI
Vendor: CVE Published:; 27 December 2024

What is CVE-2024-12989?

A vulnerability in the WISI Tangram GT31's HTTP Request Handler component allows for server-side request forgery (SSRF). This flaw can be exploited remotely, enabling attackers to manipulate server requests and potentially access sensitive internal systems or data. The issue affects versions of the WISI Tangram GT31 up to 20241214. Despite early notification, the vendor has not provided a response regarding this security concern.

References

https://vuldb.com/?ctiid.289382

https://vuldb.com/?id.289382

https://vuldb.com/?submit.463798

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 27, 2024