CVE-2024-39844

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-39844

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39844.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-39844

Downstream

DEBIAN-CVE-2024-39844

DSA-5725-1

MGASA-2024-0257

UBUNTU-CVE-2024-39844

USN-6990-1

openSUSE-SU-2024:0203-1

openSUSE-SU-2024:14115-1

Related

Published

2024-07-03T17:15:04.403Z

Modified

2026-04-16T04:34:05.127213892Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK.

References

Affected packages

Git / github.com/znc/znc

Affected ranges

Type

GIT

Repo

https://github.com/znc/znc

Events

Introduced

Fixed

ae353acf2fe61b50fb1a6617824c334a0bf22a4f

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.9.1"
        }
    ]
}

Affected versions

znc-0.*

znc-0.023

znc-0.025

znc-0.027

znc-0.028

znc-0.029

znc-0.030

znc-0.033

znc-0.034

znc-0.035

znc-0.036

znc-0.037

znc-0.038

znc-0.039

znc-0.040

znc-0.041

znc-0.043

znc-0.044

znc-0.045

znc-0.047

znc-0.050

znc-0.052

znc-0.054

znc-0.054-rc1

znc-0.054-rc2

znc-0.054-rc3

znc-0.056

znc-0.058

znc-0.060

znc-0.062

znc-0.064

znc-0.066

znc-0.068

znc-0.070

znc-0.072

znc-0.094

znc-0.096

znc-0.098

znc-0.200

znc-1.*

znc-1.0

znc-1.2

znc-1.6.0

znc-1.7.0

znc-1.9.0

znc-1.9.0-rc1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39844.json"