CVE-2024-9362
HIGH NUCLEIPolyaxon < latest - Unauthenticated Directory Traversal
Title source: llmExploitation Summary
CVE-2024-9362 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
An unauthenticated directory traversal vulnerability exists in Polyaxon, affecting the latest version. This vulnerability allows an attacker to retrieve directory information and file contents from the server without proper authorization, leading to sensitive information disclosure. The issue enables access to system directories such as `/etc`, potentially resulting in significant security risks.
Nuclei Templates (1)
Polyaxon - Unauthenticated Directory Traversal
HIGHVERIFIEDby yunseo
FOFA:
title=="Polyaxon"
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://huntr.com/bounties/d8dcb40f-ce76-4524-8d06-e0f12a07809d
Scores
CVSS v3
7.5
EPSS
0.0441
EPSS Percentile
90.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (1)
polyaxon/polyaxon/polyaxon
unspecified - latest
Published
Mar 20, 2025
Tracked Since
Feb 18, 2026