CVE-2024-50967

MEDIUM EXPLOITED NUCLEI

Becon DATAGerry <2.2.0 - Info Disclosure

Title source: llm

Description

The /rest/rights/ REST API endpoint in Becon DATAGerry through 2.2.0 contains an Incorrect Access Control vulnerability. An attacker can remotely access this endpoint without authentication, leading to unauthorized disclosure of sensitive information.

Exploits (1)

nomisec WRITEUP
by 0xByteHunter · infoleak
https://github.com/0xByteHunter/CVE-2024-50967

Nuclei Templates (1)

DATAGERRY - Improper Access Control
HIGHVERIFIEDby s4e-io,0xByteHunter
Shodan: http.title:"datagerry"
FOFA: title="datagerry"

References (3)

Scores

CVSS v3 6.5
EPSS 0.3787
EPSS Percentile 97.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2025-06-27
CWE
CWE-862
Status published
Published Jan 17, 2025
Tracked Since Feb 18, 2026