Windows SDP Client vulnerable to Improper Input Validation and OS Command Injection
CVE-2024-6973
8.8HIGH
What is CVE-2024-6973?
A vulnerability exists in the Cato Networks Windows SDP client that allows an attacker to execute arbitrary code on a vulnerable system. This occurs through the manipulation of crafted URLs, which can exploit the software if it is running on versions prior to 5.10.34. Users are advised to update their software to mitigate the risk of unauthorized code execution resulting from this security issue.
Affected Version(s)
SDP Client Windows 0 < 5.10.34
