CVERadar

CVE-2024-1303

Medium Severity

SVRS

30/100

CVSSv3

NA/10

EPSS

0.00721/1

CVE-2024-1303: Badger Meter Monitool file retrieval vulnerability. Authenticated attackers can exploit this flaw in versions up to 4.6.3 and earlier to access arbitrary files on the device. This path traversal vulnerability, categorized as CWE-22, arises from incorrectly limiting access to a restricted directory. While the CVSS score is 0, SOCRadar Vulnerability Risk Score (SVRS) indicates a score of 30, meaning the real-world risk is notable, although not critical. This vulnerability is significant because it allows unauthorized access to sensitive data stored on the device. The presence of active exploits further elevates the urgency of patching this flaw to prevent potential data breaches and system compromise, requiring organizations to assess their exposure and implement mitigation steps.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title	Software Link	Date
guillermogm4/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal	https://github.com/guillermogm4/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal	2024-02-08

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

Múltiples vulnerabilidades en Monitool de Badger Meter

2025-03-01

Múltiples vulnerabilidades en Monitool de Badger Meter | Multiple Vulnerabilities in Badger Meter's Monitool Wed, 02/07/2024 - 13:17 Aviso SCI Affected Resources Monitool, 4.6.3 version. Description INCIBE has coordinated the publication of 4 vulnerabilities

incibe.es

rss

forum

news

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Reference	Link
[email protected]	https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-badger-meters-monitool

CWE Details

CWE ID	CWE Name	Description
CWE-22	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence