Local File Inclusion Vulnerability in Logpoint's File System Collector
CVE-2024-33860

Currently unrated

Key Information:

Vendor: Logpoint
Status: File System Collector
Vendor: CVE Published:; 7 May 2024

What is CVE-2024-33860?

A flaw has been identified in Logpoint's File System Collector prior to version 7.4.0 which allows for Local File Inclusion (LFI). This vulnerability enables an attacker to specify arbitrary file paths, leading to the exposure of the contents of sensitive files through the incoming logs. As a result, unauthorized users could potentially gain access to confidential information stored within the file system.

References

https://logpoint.com

https://servicedesk.logpoint.com/hc/en-us/articles/185339...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 7, 2024
Vulnerability Reserved
Apr 27, 2024