VYPR
Unrated severityNVD Advisory· Published Apr 19, 2024· Updated Dec 16, 2025

CVE-2024-27976

CVE-2024-27976

Description

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

Affected products

2
  • Ivanti/Avalanchellm-fuzzy2 versions
    <6.4.3+ 1 more
    • (no CPE)range: <6.4.3
    • (no CPE)range: 6.4.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.