Security Advisory

CVE-2021-44162

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-20 03:10:21
Last updated 2024-09-16 23:42:02
Assigner twcert
State PUBLISHED

Description

Chain Sea ai chatbot system’s specific file download function has path traversal vulnerability. The function has improper filtering of special characters in URL parameters, which allows a remote attacker to download arbitrary system files without authentication.