CVE-2024-57249

Published: Feb 7, 2025

Modified: Feb 11, 2025

PUBLISHED

Description

Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses the authentication process and grants attackers access to sensitive image files without proper login credentials.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.gleamtech.com/filevista

https://packetstorm.news/files/id/189019

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-57249

Description

Affected Products

References