Vulnerabilities > CVE-2024-2009 - Unspecified vulnerability in Nway PRO 9

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

nway

NVD

Published: 2024-02-29

Updated: 2025-03-04

Summary

A vulnerability was found in Nway Pro 9. It has been rated as problematic. Affected by this issue is the function ajax_login_submit_form of the file login\index.php of the component Argument Handler. The manipulation of the argument rsargs[] leads to information exposure through error message. The attack may be launched remotely. VDB-255266 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part	Description	Count
Application	Nway Nway Nway PRO 9	1

References

https://vuldb.com/?ctiid.255266
https://vuldb.com/?ctiid.255266
https://vuldb.com/?id.255266
https://vuldb.com/?id.255266