{"id":64346,"date":"2025-08-27T05:35:56","date_gmt":"2025-08-27T05:35:56","guid":{"rendered":""},"modified":"2025-10-03T12:33:08","modified_gmt":"2025-10-03T18:33:08","slug":"cve-2024-57157-unauthorised-access-to-sensitive-apis-in-jantent-v1-1","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2024-57157-unauthorised-access-to-sensitive-apis-in-jantent-v1-1\/","title":{"rendered":"CVE-2024-57157: Unauthorised Access to Sensitive APIs in Jantent v1.1<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity world has recently been alerted to a new vulnerability, CVE-2024-57157, that affects the Jantent v1.1 software. This flaw, stemming from incorrect access control, allows potential attackers to bypass the authentication process and gain access to sensitive APIs sans token. This vulnerability is particularly concerning due to the potential for system compromise and data leakage<\/a>, which can lead to substantial damage to any organization’s digital ecosystem and data integrity.
\nIn today’s digital world, correct access control<\/a> mechanisms are vital for maintaining the sanctity and safety of systems. When these controls are compromised, as in the case of Jantent v1.1, it opens up a Pandora’s box of potential threats and attacks, making it a key issue that cybersecurity<\/a> professionals and organizations using the platform must address promptly.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2024-57157
\nSeverity: Critical (9.8 CVSS Severity Score)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: System compromise and potential<\/a> data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n