LDAP Injection Vulnerability in Gladinet CentreStack
CVE-2024-37782

Currently unrated

Key Information:

Vendor: Gladinet
Status: Gladinet CentreStack
Vendor: CVE Published:; 22 November 2024

Summary

An LDAP injection vulnerability exists in the login interface of Gladinet CentreStack v13.12.9934.54690, where compromised inputs in the username field can allow attackers to manipulate LDAP queries. This exploitation could lead to unauthorized access to sensitive information or the execution of arbitrary commands, jeopardizing the security of the system.

References

https://www.centrestack.com/p/gce_latest_release.html

https://medium.com/%40jkoreamo/centrestack-vulnerability-...

https://gist.githubusercontent.com/Draoken/ab5465fc339df7...

Timeline

Vulnerability published
Nov 22, 2024