6.7
MEDIUM CVSS 4.0
CVE-2024-12345
INW Krbyyyzo Daily Huddle Site gbo.aspx resource consumption
Description

A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The manipulation of the argument s leads to resource consumption. It is possible to launch the attack on the local host. Other endpoints might be affected as well.

INFO

Published Date :

Jan. 27, 2025, 11:15 a.m.

Last Modified :

June 17, 2026, 6:59 a.m.

Remotely Exploit :

No
Affected Products

The following products are affected by CVE-2024-12345 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS 2.0 MEDIUM [email protected]
CVSS 3.1 MEDIUM [email protected]
CVSS 4.0 MEDIUM [email protected]
Solution
Update the INW Krbyyyzo software to fix the resource consumption vulnerability.
  • Update INW Krbyyyzo to the latest version.
  • Apply any available security patches from the vendor.
  • Monitor system resources for unusual consumption.
Public PoC/Exploit Available at Github

CVE-2024-12345 has a 395 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-12345.

URL Resource
https://vuldb.com/?ctiid.293509
https://vuldb.com/?id.293509
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-12345 is associated with the following CWEs:

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

CVE Hunter Pro is a Chrome extension for fast, single-lookup CVE triage. It delivers CVSS scoring, EPSS exploit-probability, CISA KEV status, and GitHub PoC discovery in one pop-up. Utilizing the NVD, FIRST.org, and GitHub APIs, it aids defensive security research.

JavaScript CSS HTML

Updated: 10 hours, 27 minutes ago
0 stars 0 fork 0 watcher
Born at : July 15, 2026, 6:22 p.m. This repo has been linked 1 different CVEs too.

None

Python CSS HTML JavaScript

Updated: 1 day, 8 hours ago
0 stars 0 fork 0 watcher
Born at : July 14, 2026, 6:34 p.m. This repo has been linked 2 different CVEs too.

A Go client for the CISA Known Exploited Vulnerabilities (KEV) Catalog, a feed of vulnerabilities that are known to be actively exploited in the wild. This package provides a simple, idiomatic way to fetch, search, and filter the official CISA JSON feed.

apirest go cisa cisa-kev

Go

Updated: 4 days ago
0 stars 0 fork 0 watcher
Born at : July 10, 2026, 1:48 a.m. This repo has been linked 2 different CVEs too.

Autonomous red-team kill-chain plugin for Claude Code + OMC — a hardened re-architecture of Decepticon (Apache-2.0).

adversary-emulation claude-code kill-chain mitre-attack purple-team red-team security sliver

Python Shell JavaScript TypeScript CSS

Updated: 5 days, 14 hours ago
0 stars 0 fork 0 watcher
Born at : July 9, 2026, 6:59 p.m. This repo has been linked 1 different CVEs too.

None

HTML Python

Updated: 1 week ago
0 stars 0 fork 0 watcher
Born at : July 8, 2026, 12:39 p.m. This repo has been linked 2 different CVEs too.

AI‑powered security testing platform with multi‑agent swarm, autonomous bug bounty, self‑play Red vs Blue, hybrid RAG, and live WebSocket monitoring.

Python JavaScript TypeScript CSS Shell

Updated: 1 week ago
0 stars 0 fork 0 watcher
Born at : July 8, 2026, 11:46 a.m. This repo has been linked 1 different CVEs too.

None

Python

Updated: 1 week, 1 day ago
0 stars 0 fork 0 watcher
Born at : July 7, 2026, 10:05 p.m. This repo has been linked 2 different CVEs too.

Extensible cybersecurity toolkit built in Python for reconnaissance, analysis, threat intelligence, and security operations.

Python

Updated: 1 week, 3 days ago
1 stars 0 fork 0 watcher
Born at : July 4, 2026, 12:22 a.m. This repo has been linked 1 different CVEs too.

This repository contains an unofficial enhancement to blackducks parent/child project finding alert mechanism, it supplements how child findings are created in externals (Jira & Datadog) to have correct linkage with their parent project

Python

Updated: 13 hours, 3 minutes ago
0 stars 0 fork 0 watcher
Born at : July 3, 2026, 11:17 a.m. This repo has been linked 2 different CVEs too.

AI安全知识库助手 - 基于RAG的网络安全问答系统

Dockerfile Python HTML JavaScript CSS PowerShell Shell

Updated: 2 weeks, 1 day ago
0 stars 0 fork 0 watcher
Born at : June 30, 2026, 4:04 a.m. This repo has been linked 1 different CVEs too.

Professional Nessus/NASL plugin writing skill for Claude Code. 25+ detection patterns, .inc library guide, vendor templates, VCF framework.

Updated: 2 weeks, 1 day ago
0 stars 0 fork 0 watcher
Born at : June 30, 2026, 2:32 a.m. This repo has been linked 1 different CVEs too.

Personal cybersecurity news dashboard — aggregates 12 top security feeds with auto-refresh, CVE detection, and threat tagging

TypeScript CSS JavaScript

Updated: 1 week ago
0 stars 0 fork 0 watcher
Born at : June 29, 2026, 11:24 a.m. This repo has been linked 1 different CVEs too.

None

Dockerfile Python Mako JavaScript TypeScript CSS

Updated: 2 weeks, 3 days ago
0 stars 0 fork 0 watcher
Born at : June 28, 2026, 9:41 p.m. This repo has been linked 1 different CVEs too.

Hourly CVE ingestion pipeline using bash, SnowSQL, and dbt

Shell Dockerfile

Updated: 2 weeks, 3 days ago
0 stars 0 fork 0 watcher
Born at : June 27, 2026, 10:31 a.m. This repo has been linked 1 different CVEs too.

My solutions and final project for CS50SQL — Harvard's Introduction to Databases with SQL

cs50sql cs50sql-final-project database sql sqlite

Python

Updated: 1 day, 12 hours ago
0 stars 0 fork 0 watcher
Born at : June 26, 2026, 6:49 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-12345 vulnerability anywhere in the article.

  • TheCyberThrone
Atlassian’s Security Advisory Addresses Multiple Vulnerabilities

In February 2025, Atlassian released a comprehensive security advisory addressing 12 critical and high-severity vulnerabilities across its suite of products, including Bamboo, Bitbucket, Confluence, C ... Read more

Published Date: Feb 21, 2025 (1 year, 4 months ago)

The following table lists the changes that have been made to the CVE-2024-12345 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Jun. 17, 2026

    Action Type Old Value New Value
    Added Affected [{'vendor': 'INW', 'modules': ['Daily Huddle Site'], 'product': 'Krbyyyzo', 'versions': [{'status': 'affected', 'version': '25.2002'}]}]
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jun. 17, 2026

    Action Type Old Value New Value
    Added SSVC {'id': 'CVE-2024-12345', 'role': 'CISA Coordinator', 'options': [{'exploitation': 'poc'}, {'automatable': 'no'}, {'technicalImpact': 'partial'}], 'version': '2.0.3', 'timestamp': '2025-01-27T13:47:14.575494Z'}
  • New CVE Received by [email protected]

    Jan. 27, 2025

    Action Type Old Value New Value
    Added Description A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The manipulation of the argument s leads to resource consumption. It is possible to launch the attack on the local host. Other endpoints might be affected as well.
    Added CVSS V4.0 AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CVSS V3.1 AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
    Added CVSS V2 (AV:L/AC:L/Au:M/C:N/I:N/A:C)
    Added CWE CWE-404
    Added CWE CWE-400
    Added Reference https://vuldb.com/?ctiid.293509
    Added Reference https://vuldb.com/?id.293509
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.