CVE-2024-50602
MEDIUMNetapp Active IQ Unified Manager < 2.6.4 - Improper Condition Check
Title source: ruleExploitation Summary
EIP tracks 1 public exploit for CVE-2024-50602. PoCs published by MaineK00n.
AI-analyzed exploit summary This Go script fetches NVD data from VulnCheck's API, processes it, and extracts details for CVE-2024-50602. It does not exploit the vulnerability but scans for its presence in the dataset.
Description
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.
Exploits (1)
nomisec
SCANNER
by MaineK00n · poc
https://github.com/MaineK00n/vulncheck_CVE-2024-50602
This Go script fetches NVD data from VulnCheck's API, processes it, and extracts details for CVE-2024-50602. It does not exploit the vulnerability but scans for its presence in the dataset.
Classification
Scanner 90%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target:
VulnCheck API (NIST NVD backup)
Auth required
Prerequisites:
VulnCheck API token
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Issue Tracking
https://github.com/libexpat/libexpat/pull/915
Mailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/04/msg00040.html
Third Party Advisory
https://security.netapp.com/advisory/ntap-20250404-0008/
Scores
CVSS v3
5.9
EPSS
0.0104
EPSS Percentile
59.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-754
Status
published
Products (12)
debian/debian_linux
11.0
libexpat_project/libexpat
< 2.6.4
netapp/active_iq_unified_manager
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
netapp/hci_compute_node
netapp/solidfire_\&_hci_management_node
... and 2 more
Published
Oct 27, 2024
Tracked Since
Feb 18, 2026