Incorrect Regular Expression Vulnerability Allows Server Side Request Forgery
CVE-2024-2223

9.8 CRITICAL

What is CVE-2024-2223?

An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server permits an attacker to execute a Server Side Request Forgery (SSRF), compromising the security of affected systems. This vulnerability can lead to unauthorized reconfiguration of the relay, which may expose sensitive data and enable further attacks on the network. The issue impacts various versions of Bitdefender products, including Bitdefender Endpoint Security for Linux, Bitdefender Endpoint Security for Windows, and GravityZone Control Center. Users are strongly advised to update to the latest versions to mitigate potential risks.

Affected Version(s)

Endpoint Security for Linux 7.0.5.200089

Endpoint Security for Windows 7.9.9.380

GravityZone Control Center (On Premises) 6.36.1

News Articles

Critical Bitdefender Vulnerabilities Let Attackers Gain Control Over System

Bitdefender GravityZone Update Server (versions 6.36.1, Endpoint Security for Linux 7.0.5.200089, and Endpoint Security for Windows

References

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • First article discovered by CybersecurityNews

  • Vulnerability published

Credit

Nicolas VERDIER -- n1nj4sec