Mycodo is an environment monitoring and conditioning system. Used to couple inputs and outputs to sense and manipulate the environment, Mycodo is vulnerable to a path traversal vulnerability in versions prior to 8.12.7, which stems from a networked system or product failing to properly filter special elements in a resource or file path. An attacker with a right of access endpoint could exploit the vulnerability to download files outside of the expected directory.
CPE | Name | Operator | Version |
---|---|---|---|
mycodo mycodo | lt | 8.12.7 |