exploitDog

CVE-2024-57248

Опубликовано: 07 фев. 2025

Источник: nvd

CVSS3: 6.3

EPSS Низкий

Описание

Directory Traversal in File Upload in Gleamtech FileVista 9.2.0.0 allows remote attackers to achieve Code Execution, Information Disclosure, and Escalation of Privileges via injecting malicious payloads in HTTP requests to manipulate file paths, bypass access controls, and upload malicious files.

Ссылки

https://packetstorm.news/files/id/189021
Exploit
Third Party Advisory
https://www.gleamtech.com/filevista
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gleamtech:filevista:9.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.0019

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-pcxj-752c-m479

CVSS3: 6.3

github

12 месяцев назад

Directory Traversal in File Upload in Gleamtech FileVista 9.2.0.0 allows remote attackers to achieve Code Execution, Information Disclosure, and Escalation of Privileges via injecting malicious payloads in HTTP requests to manipulate file paths, bypass access controls, and upload malicious files.

EPSS

Процентиль: 41%

0.0019

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-22