Security Advisory

CVE-2020-37034

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-30 22:07:12

Last updated 2026-02-02 20:13:25

Assigner VulnCheck

State PUBLISHED

Description

HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by manipulating filepath and filename parameters. Attackers can send crafted GET requests to download.asp with directory traversal to access sensitive configuration and system files.

← Browse all CVEs View on cve.org ↗