2025-08-06 00:00:00
mitre
PUBLISHED
A local file inclusion (LFI) vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized readfile() function call in /api_vedo/video/preview.