Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers can exploit this vulnerability to gain full server access as the root user.

Related CVEs

CVE-2024-24621

Key Information

GHSA ID

GHSA-3r6p-fq38-2gpr

Published

July 26, 2024 12:32 AM

Last Modified

July 26, 2024 12:32 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 9, 2025 6:27 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.