CVE-2024-39844

Name
CVE-2024-39844
Description
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://wiki.znc.in/Category:ChangeLog
https://github.com/znc/znc/releases/tag/znc-1.9.1
https://wiki.znc.in/ChangeLog/1.9.1
https://www.openwall.com/lists/oss-security/2024/07/03/9
mailing-list http://www.openwall.com/lists/oss-security/2024/07/03/9

Match rules

CPE URI Source package Min version Max version
n/a == n/a == n/a

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
znc edge-community 1.9.1-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
znc 3.20-community 1.9.1-r0 Natanael Copa <ncopa@alpinelinux.org> fixed