Security Advisory

CVE-2024-21876

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-10 17:44:50

Last updated 2025-03-11 13:38:30

Assigner DIVD

State PUBLISHED

Description

Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy) allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and < 8.2.4225.

← Browse all CVEs View on cve.org ↗