Security Advisory

CVE-2024-7314

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-02 16:33:54

Last updated 2025-11-22 12:13:00

Assigner VulnCheck

State PUBLISHED

Description

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

← Browse all CVEs View on cve.org ↗