CVE-2024-45256

CRITICAL 9.8

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

An arbitrary file write issue in the exfiltration endpoint in BYOB (Build Your Own Botnet) 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted parameter. This occurs in file_add in api/files/routes.py.

Vendor	n/a
Product	n/a
Published	Aug 26, 2024
Last Updated	Aug 26, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new critical vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/malwaredllc/byob blog.chebuya.com: https://blog.chebuya.com/posts/unauthenticated-remote-command-execution-on-byob/ github.com: https://github.com/chebuya/exploits/tree/main/BYOB-RCE