CVE-2024-12663

MEDIUM EPSS 33.8%

Published Dec 16, 20241y ago · Modified Jun 17, 20261w ago

6.3 CVSS 4.0

Medium

Published Dec 16, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

CVSS Details

Base Score

6.3

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity High

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

33.8% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-203

CWE-204

References 4

github.com https://github.com/funnyzpc/mee-admin/issues/9
vuldb.com https://vuldb.com/?ctiid.288532
vuldb.com https://vuldb.com/?id.288532
vuldb.com https://vuldb.com/?submit.458371

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.