Authentication Bypass Vulnerability in Automation Web Platform Wawp
CVE-2024-52475
Key Information
- Vendor
- Automation Web Platform
- Status
- WaWP
- Vendor
- CVE Published:
- 28 November 2024
Badges
Summary
CVE-2024-52475 is a critical authentication bypass vulnerability discovered in the Automation Web Platform's Wawp application. This vulnerability allows attackers to exploit the system by bypassing normal authentication methods through an alternate path or channel. Affected versions include all releases before 3.0.18. If unaddressed, this vulnerability can potentially lead to unauthorized access and account takeover, significantly threatening the security of user data and integrity of the application.
Affected Version(s)
Wawp < 3.0.18
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
Vulnerability published
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability Reserved