Skip to main content

Breaking cybersecurity news

Vulnerability database

EU vulnerability data

Hands-on web security training

Security incidents database

Knowledge library

Analytics & trends

Follow us

Professional cybersecurity intelligence

Breaking cybersecurity news

Vulnerability database

EU vulnerability data

Hands-on web security training

Security incidents database

Knowledge library

Analytics & trends

Follow us

About Sources Sponsored Articles Status Legal Terms

v2.3.3•© 2026

Telegram Bluesky GitHub Contact

Return to CVE list

CVE-2024-0815

CVE-2024-0815

8.8

High

Published:7 Mar 2024

Last updated:17 Jun 2026

Source:security@huntr.dev

Analyzed

Weakness (CWE)

CWE-78OS Command Injection

CVSS Vector

v3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

View on MITRE Find PoC on GitHub

Description

Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6.0

References

security@huntr.dev

https://huntr.com/bounties/83bf8191-b259-4b24-8ec9-0115d7c05350

af854a3a-2127-422b-91ae-364da2661108

https://huntr.com/bounties/83bf8191-b259-4b24-8ec9-0115d7c05350