THREATOPS
THREAT OPSCVEs › CVE-2024-57726

CVE-2024-57726 — SimpleHelp Missing Authorization Vulnerability

CISA KEVExploited: confirmedSimpleHelp

SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

Vulnerability details

Related reporting