CVE-2024-9142
9.8 CRITICALExternal Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-B...
Published: 2024-09-25 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-73, CWE-732
Description
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-0271 — A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to exec...
- CVE-2026-50570 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (8.5 HIGH)
- CVE-2026-45556 — Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers (9.9 CRITICAL)
- CVE-2026-47643 — External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network (9.8 CRITICAL)
- CVE-2026-26422 — clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation (8.4 HIGH)