CVE-2024-27632

HIGH

GNU Savane <3.12 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-27632. PoCs published by ally-petitt.

AI-analyzed exploit summary CVE-2024-27632 describes a vulnerability in Savane v3.12 and prior where the Unix timestamp is used as a seed for generating CSRF tokens, making them predictable. The writeup provides technical details, validation steps, and mitigation guidance.

Description

An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function.

Exploits (1)

nomisec WRITEUP 1 stars

by ally-petitt · poc

https://github.com/ally-petitt/CVE-2024-27632

View Code ZIP pw:eip

CVE-2024-27632 describes a vulnerability in Savane v3.12 and prior where the Unix timestamp is used as a seed for generating CSRF tokens, making them predictable. The writeup provides technical details, validation steps, and mitigation guidance.

Classification

Writeup 100%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Savane v3.12 and prior

No auth needed

Prerequisites: knowledge of the Unix timestamp when the token was generated

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Mitigation, Third Party Advisory

https://github.com/ally-petitt/CVE-2024-27632

Exploit, Third Party Advisory

https://medium.com/%40allypetitt/how-i-found-3-cves-in-2-days-8a135eb924d3

Scores

CVSS v3 8.8

EPSS 0.0127

EPSS Percentile 66.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-335

Status published

Products (1)

gnu/savane < 3.13

Published Apr 08, 2024

Tracked Since Feb 18, 2026