CVE-2024-37770

CRITICAL

B1ackc4t 14finger - Code Injection

Title source: rule

Description

14Finger v1.1 was discovered to contain a remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.

Exploits (1)

nomisec WRITEUP 1 stars

by k3ppf0r · poc

https://github.com/k3ppf0r/CVE-2024-37770

View Code ZIP pw:eip

References (2)

[Exploit, Issue Tracking, Vendor Advisory] https://github.com/b1ackc4t/14Finger/issues/13

[Exploit, Third Party Advisory] https://github.com/k3ppf0r/CVE-2024-37770

Scores

CVSS v3 9.1

EPSS 0.1102

EPSS Percentile 93.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-94

Status published

Products (1)

b1ackc4t/14finger 1.1

Published Jul 10, 2024

Tracked Since Feb 18, 2026