Security Advisory

CVE-2024-6433

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-10 00:00:14

Last updated 2024-08-01 21:41:03

Assigner @huntr_ai

State PUBLISHED

Description

The application zips all the files in the folder specified by the user, which allows an attacker to read arbitrary files on the system by providing a crafted path. This vulnerability can be exploited by sending a request to the application with a malicious snapshot_path parameter.

← Browse all CVEs View on cve.org ↗