High severity7.5NVD Advisory· Published Apr 30, 2026· Updated May 17, 2026
CVE-2024-13971
CVE-2024-13971
Description
Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:lobster-world:lobster_pro:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:lobster-world:lobster_pro:*:*:*:*:*:*:*:*range: <4.12.6-ga
- (no CPE)range: <4.12.6-GA
Patches
Vulnerability mechanics
References
2- www.schutzwerk.com/en/blog/schutzwerk-sa-2024-005/nvdExploitThird Party Advisory
- seclists.org/fulldisclosure/2026/May/1nvd
News mentions
0No linked articles in our index yet.