Vulnerabilities > CVE-2024-22074 - Unspecified vulnerability in Dynamsoft Service

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dynamsoft

critical

NVD

Published: 2024-06-06

Updated: 2024-10-16

Summary

Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112, 1.5.0625 through 1.5.3116, 1.4.0618 through 1.4.1230, and 1.0.516 through 1.3.0115 has Incorrect Access Control. This is fixed in 1.8.2014, 1.7.4212, 1.6.3212, 1.5.31212, 1.4.3212, and 1.3.3212.

Vulnerable Configurations

Part	Description	Count
Application	Dynamsoft Dynamsoft Dynamsoft Service *	1

References

https://www.dynamsoft.com/support/security-bulletin-dwt-2024-22074/