CVE-2024-57727: SimpleHelp Path Traversal Vulnerability. SimpleHelp remote
SimpleHelp Path Traversal Vulnerability. SimpleHelp remote support software contains multiple path traversal vulnerabilities that allow unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files may include server configuration files and hashed user passwords.
- CISA KEV-listed (remediation due 2025-03-06)
- used in ransomware campaigns
- EPSS 94.0% (99.9% percentile)