NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-48734

Summary	Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS Studio 9.4 allows remote attacker to upload malicious files. NOTE: this is disputed by the vendor because file upload is allowed for authorized users.
Publication Date	Oct. 31, 2024, 6:15 a.m.
Registration Date	Oct. 31, 2024, noon
Last Update	Nov. 5, 2024, 4:35 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	http://sas.com
2	https://github.com/ACN-CVEs/CVE-2024-48734/blob/d59cca7b03bce3a516035d1a0f488d67c3d10ae6/Unrestricted%20file%20upload.pdf

Common Vulnerabilities List