Security Advisory

CVE-2024-54909

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-06 00:00:00

Last updated 2025-02-12 14:12:46

Assigner mitre

State PUBLISHED

Description

A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path parameter of the /api/resource/local/download endpoint, where manipulation of this parameter can lead to arbitrary file download.

← Browse all CVEs View on cve.org ↗