SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing various secrets and hashed user passwords.

Related CVEs

CVE-2024-57727

Key Information

GHSA ID

GHSA-x84r-h282-g729

Published

January 16, 2025 12:31 AM

Last Modified

January 16, 2025 9:30 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 2, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.