CVE-2024-39703 Information

Description

In ThreatQuotient ThreatQ before 5.29.3 authenticated users are able to execute arbitrary commands by sending a crafted request to an API endpoint.

Reference

https://threatq.freshdesk.com/helpdesk/tickets/10367 https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-01 https://www.threatq.com/vulnerability-management/