MidnightBSD

Advisories for epoint

CVE-2024-24525

An issue in EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 and 5.4.2 allows a remote attacker to execute arbitrary code via the infoid parameter of the URL.

Products Affected

Vendor Product Version
epoint epointwebbuilder 5.2.1
epoint epointwebbuilder 5.1.0
epoint epointwebbuilder 5.4.2
epoint epointwebbuilder 5.4.1