Security Advisory

CVE-2024-13991

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-15 01:21:41

Last updated 2025-11-03 15:48:22

Assigner VulnCheck

State PUBLISHED

Description

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the `fullPath` parameter of the `/fileDownload?action=downloadBackupFile` endpoint and retrieve files from the server filesystem. VulnCheck has observed this vulnerability being exploited in the wild.

← Browse all CVEs View on cve.org ↗