VYPR
Unrated severityNVD Advisory· Published Apr 19, 2024· Updated Mar 24, 2025

CVE-2024-24996

CVE-2024-24996

Description

A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands.

Affected products

2
  • Ivanti/Avalanchellm-fuzzy2 versions
    <6.4.3+ 1 more
    • (no CPE)range: <6.4.3
    • (no CPE)range: 6.4.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.