← Browse CVEs
CVE-2024-57727
High · CVSS 7.5EPSS 95.1%CISA KEVCWE-22 · Path Traversal
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing various secrets and hashed user passwords.
References
Published
Community ground truth
Community verdict
3 verdictsNot a real issue
to add your verdict.
Community real-world severity: Critical (Critical 3) — CVSS base score 7.5
Practitioners rate this higher than its CVSS — treat with extra caution.
Field notes & remediation
Verdicts are the quick signal — notes are the evidence and fixes behind them.
No notes yet — be the first to share what you saw or a fix that worked.