Local File Inclusion Vulnerability in Rezgo by Rezgo
CVE-2024-53800

8.1HIGH

Key Information:

Vendor: Rezgo
Status: Rezgo
Vendor: CVE Published:; 7 January 2025

Summary

The Rezgo platform is impacted by a Local File Inclusion vulnerability, which allows attackers to manipulate file inclusion mechanisms within PHP applications. This flaw permits unauthorized access to server files and sensitive data. All versions of the Rezgo platform from n/a up to 4.15 are affected, making it essential for users to apply necessary patches and updates to mitigate potential security risks.

Affected Version(s)

Rezgo <= 4.15

References

https://patchstack.com/database/wordpress/plugin/rezgo/vu...

vdb-entry

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 7, 2025
Vulnerability Reserved
Nov 22, 2024

Collectors

NVD DatabaseMitre Database

Credit

Dimas Maulana (Patchstack Alliance)