Security Advisory

CVE-2024-33881

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-24 00:00:00
Last updated 2024-09-15 19:20:42
Assigner mitre
State PUBLISHED

Description

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter.