Skip to content

CISA Adds Known Exploited Vulnerabilities to Catalog - 20250205003

Overview

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

What is the vulnerability?

CVE Product Vulnerabilities Identified Version(s) CVSS v4/v3 Severity
CVE-2024-45195 Apache OFBiz Forced Browsing Vulnerability Apache OFBiz: before 18.12.16 7.5 High
CVE-2024-29059 Microsoft .NET Framework Information Disclosure Vulnerability Microsoft .NET Framework 4.8: affected from 4.8.0 before 4.8.04690.02 7.5 High
CVE-2018-9276 Paessler PRTG Network Monitor OS Command Injection Vulnerability PRTG Network Monitor: before 18.2.39 7.2 High
CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability PRTG Network Monitor: before 18.2.40.1683 9.8 Critical

What has been observed?

CISA has listed this vulnerabilty in their Known Exploited Vulnerabilties catalog.

Recommendation

Due to the report of active exploitation, it is strongly recommended to patch this vulnerability within 2 weeks across all affected platforms as per vendor instructions.