Home

Description

An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors.

PUBLISHED Reserved 2024-05-17 | Published 2025-01-07 | Updated 2025-01-08 | Assigner mitre

References

github.com/...labs/CVE-Advisory/blob/main/CVE-2024-35532.pdf

intersec.com/public-safety

cve.org (CVE-2024-35532)

nvd.nist.gov (CVE-2024-35532)

Download JSON