CVE-2024-49082 | THREATINT

Home

Description

Windows File Explorer Information Disclosure Vulnerability

PUBLISHED Reserved 2024-10-11 | Published 2024-12-10 | Updated 2025-05-13 | Assigner microsoft

MEDIUM: 6.8CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

10.0.17763.0 (custom) before 10.0.17763.6659

affected

10.0.17763.0 (custom) before 10.0.17763.6659

affected

10.0.17763.0 (custom) before 10.0.17763.6659

affected

10.0.20348.0 (custom) before 10.0.20348.2966

affected

10.0.19043.0 (custom) before 10.0.19044.5247

affected

10.0.22621.0 (custom) before 10.0.22621.4602

affected

10.0.19045.0 (custom) before 10.0.19045.5247

affected

10.0.26100.0 (custom) before 10.0.26100.2605

affected

10.0.22631.0 (custom) before 10.0.22631.4602

affected

10.0.22631.0 (custom) before 10.0.22631.4602

affected

10.0.25398.0 (custom) before 10.0.25398.1308

affected

10.0.26100.0 (custom) before 10.0.26100.2605

affected

10.0.26100.0 (custom) before 10.0.26100.2605

affected

10.0.10240.0 (custom) before 10.0.10240.20857

affected

10.0.14393.0 (custom) before 10.0.14393.7606

affected

10.0.14393.0 (custom) before 10.0.14393.7606

affected

10.0.14393.0 (custom) before 10.0.14393.7606

affected

6.0.6003.0 (custom) before 6.0.6003.23016

affected

6.0.6003.0 (custom) before 6.0.6003.23016

affected

6.0.6003.0 (custom) before 6.0.6003.23016

affected

6.1.7601.0 (custom) before 6.1.7601.27467

affected

6.1.7601.0 (custom) before 6.1.7601.27467

affected

6.2.9200.0 (custom) before 6.2.9200.25222

affected

6.2.9200.0 (custom) before 6.2.9200.25222

affected

6.3.9600.0 (custom) before 6.3.9600.22318

affected

6.3.9600.0 (custom) before 6.3.9600.22318

affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49082 (Windows File Explorer Information Disclosure Vulnerability) vendor-advisory

cve.org (CVE-2024-49082)

nvd.nist.gov (CVE-2024-49082)

Download JSON