HIGH
Tibbo
CVE published 2024-12-19
CVE-2024-12700
CVE-2024-12700 is a high-severity unrestricted file upload vulnerability in Tibbo AggreGate Network Manager, published by CISA on December 19, 2024. An authenticated low-privileged user can upload a JSP shell to achieve remote code execution with web server privileges. The vulnerability affects versions 6.34.02 and earlier. CVSS 3.1 score is 8.8 (High). Tibbo has released patched versions 6.40.02 and 6.34 [truncated]