CVE-2024-37774

A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers to escalate their privileges by forcing an Administrator user to perform sensitive requests in some admin screens.

CVSS

No CVSS.

References

Link	Resource
http://dctrack.com	Product
https://s3.us-east-1.amazonaws.com/dcTrack.Docs/dcTrack_9.2.0_GA/dcTrack_9.2.0_Release_Notes.pdf	Release Notes

Configurations

Configuration 1 (hide)

cpe:2.3:a:sunbirddcim:dctrack:9.1.2:*:*:*:*:*:*:*

History

20 Jun 2025, 18:15

Type	Values Removed	Values Added
References	~~() http://dctrack.com -~~	() http://dctrack.com - Product
References	~~() https://s3.us-east-1.amazonaws.com/dcTrack.Docs/dcTrack_9.2.0_GA/dcTrack_9.2.0_Release_Notes.pdf -~~	() https://s3.us-east-1.amazonaws.com/dcTrack.Docs/dcTrack_9.2.0_GA/dcTrack_9.2.0_Release_Notes.pdf - Release Notes
CPE		cpe:2.3:a:sunbirddcim:dctrack:9.1.2:::::::*
First Time		Sunbirddcim Sunbirddcim dctrack

16 Dec 2024, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-16 22:15

Updated : 2025-06-20 18:15

NVD link : CVE-2024-37774

Mitre link : CVE-2024-37774

JSON object : View

Products Affected

sunbirddcim

dctrack

CWE

No CWE.

JSON object

Attach tags to CVE-2024-37774

Attach tags to `CVE-2024-37774`