CVE-2024-1186: Munsoft Easy Archive Recovery Registration Key denial of service
Description
A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. In Munsoft Easy Archive Recovery 2.0 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Das betrifft eine unbekannte Funktionalität der Komponente Registration Key Handler. Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung.
Classification
CVE ID: CVE-2024-1186
CVSS Base Severity: LOW
CVSS Base Score: 3.3
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Problem Types
CWE-404 Denial of ServiceAffected Products
Vendor: Munsoft
Product: Easy Archive Recovery
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.03% (probability of being exploited)
EPSS Percentile: 7.87% (scored less or equal to compared to others)
EPSS Date: 2025-06-21 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: poc
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-1186https://vuldb.com/?id.252676
https://vuldb.com/?ctiid.252676
https://fitoxs.com/vuldb/12-exploit-perl.txt
https://www.exploit-db.com/exploits/45884