CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-28397

High Severity
SVRS
46/100
CVSSv3
NA/10
EPSS
0.51671/1

CVE-2024-28397 allows attackers to execute arbitrary code in js2py through a crafted API call. This vulnerability affects js2py versions up to v0.74, specifically within the js2py.disable_pyimport() component. Despite a CVSS score of 0, indicating a base lack of direct impact, the existence of this vulnerability "In The Wild" suggests active exploitation attempts.

With an SVRS score of 46, the threat is considered moderate, requiring monitoring for increased risk. Successful exploitation could lead to system compromise, data breaches, or other malicious activities. While not immediately critical, the "In The Wild" tag warrants careful consideration and potential mitigation steps to prevent exploitation of this security flaw.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-06-20
LAST MODIFIED2024-06-21
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-28397 is a vulnerability with a CVSS score of 0, indicating a low severity. However, SOCRadar's unique 'SOCRadar Vulnerability Risk Score' (SVRS) assigns it a score of 30, highlighting the potential for exploitation.

Key Insights

  • Active Exploitation: The vulnerability is actively exploited in the wild, posing an immediate threat to organizations.
  • Low CVSS Score: The CVSS score of 0 may underestimate the severity of the vulnerability, as it does not consider factors such as social media chatter and dark web activity.
  • SVRS Score: The SVRS score of 30 indicates a moderate risk, suggesting that organizations should prioritize patching and mitigation measures.
  • Threat Actors: Specific threat actors or APT groups exploiting this vulnerability have not been identified at this time.

Mitigation Strategies

  • Apply Patches: Install security updates and patches as soon as they become available.
  • Enable Intrusion Detection Systems (IDS): Monitor network traffic for suspicious activity and block unauthorized access attempts.
  • Implement Network Segmentation: Divide the network into smaller segments to limit the spread of potential attacks.
  • Educate Users: Train employees on cybersecurity best practices, such as avoiding suspicious links and attachments.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

ISC StormCast for Monday, June 24th, 2024
Dr. Johannes B. Ullrich2024-06-24
ISC StormCast for Monday, June 24th, 2024 | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Process Monitor Update; Kaspersky Sanctions; Phoenix UEFI Vuln; Ghostscript Vuln; js2py unpatched vuln;Sysinternals Process Monitor Version 4 Released https://isc.sans.edu/diary/Sysinternals%27%20Process%20Monitor%20Version%204%20Released/31026 Kaspersky Sanctions https://home.treasury.gov/news/press-releases/jy2420 Phoenix UEFI Buffer Overflow Affects Wide Range of Systems https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/ Ghostscript Update<br
sans.edu
rss
forum
news
Metasploit Weekly Wrap-Up 11/22/2024
Spencer McIntyre2024-11-22
Metasploit Weekly Wrap-Up 11/22/2024 | Metasploit added a login scanner for the TeamCity application to enable users to check for weak credentials. Learn more about this week's Metasploit Wrap-Up.JetBrains TeamCity Login Scanner Metasploit added a login scanner for the TeamCity application to enable users to check for weak credentials. TeamCity has been the subject of multiple ETR vulnerabilities</a
rapid7.com
rss
forum
news
Pyload Remote Code Execution
2024-11-18
Pyload Remote Code Execution | CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. At the time of this writing no patch has been released and version 0.74 is the latest version of js2py which was released Nov 6, 2022. CVE-2024-39205 is a remote code execution
packetstormsecurity.com
rss
forum
news

Social Media

#Vulnerability #CVE202428397 CVE-2024-28397: js2py Vulnerability Exposes Millions of Python Users to RCE https://t.co/iLVwY8hDUS
0
0
0
CVE-2024-28397: js2py Vulnerability Exposes Millions of Python Users to RCE - https://t.co/plS3W68IfH
0
0
0
CVE-2024-28397: js2py Vulnerability Exposes Millions of Python Users to RCE - https://t.co/plS3W68aq9
0
0
0
Vulnerability with identifier CVE-2024-28397 found in js2py puts millions of Python users at risk of Remote Code Execution (RCE) Details: https://t.co/imnQkCN5oz #cybersecurity #infosec #infosecurity
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://github.com/Marven11
[email protected]https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape
GITHUBhttps://github.com/Marven11
GITHUBhttps://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape

CWE Details

No CWE details found for this CVE

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence