High severity7.5NVD Advisory· Published Jul 26, 2024· Updated Apr 15, 2026

CVE-2024-41628

Description

Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

clustercontrol.comnvd
severalnines.comnvd
docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v1-9-8/nvd
docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v2-1-0/nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.073
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000