189 matches found
HummerCloud HummerRisk 代码问题漏洞
HummerCloud HummerRisk is an open-source cloud-native security platform developed by HummerCloud Technology in China. It addresses security and governance issues in cloud-native environments in a non-invasive manner. Its core capabilities include security governance for hybrid clouds and...
CVE-2026-39370
WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then...
Server-side Request Forgery (SSRF)
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the downloadURL parameter processing in objects/aVideoEncoder.json.php. An attacker can access internal resources and exfiltrat...
WWBN AVideo has an Allowlisted downloadURL media extensions bypass SSRF protection and enable internal response exfiltration (Incomplete fix for CVE-2026-27732)
The fix for CVE-2026-27732 is incomplete. objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then fetches the response and stores it ...
CVE-2026-39370
WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then...
CVE-2026-39370
WWBN AVideo (versions 26.0 and prior) is affected by CVE-2026-39370. The flaw resides in objects/aVideoEncoder.json.php which still accepts attacker-controlled downloadURL values with common media or archive extensions (e.g., .mp4, .mp3, .zip, .jpg, .png, .gif, .webm) that bypass SSRF validation....
CVE-2026-39370
WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then...
PT-2026-30989
WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then...
Arbitrary File Upload
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Arbitrary File Upload through the downloadVideoFromDownloadURL function. A user with upload permissions can execute arbitrary code on the server by uploading a...
AVideo: Remote Code Execution via PHP Temp File in Encoder downloadURL
Summary The downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing an invalid resolution parameter, an attacker triggers an early die via...
CVE-2026-33717 AVideo Vulnerable to Remote Code Execution via Persistent PHP Temp File in Encoder downloadURL with Resolution Validation Abort
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...
CVE-2026-33717 AVideo Vulnerable to Remote Code Execution via Persistent PHP Temp File in Encoder downloadURL with Resolution Validation Abort
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing...
CVE-2026-33717
Summary: CVE-2026-33717 affects WWBN AVideo (versions up to 26.0). The vulnerability in the downloadVideoFromDownloadURL() function stores remote content in a web-accessible temp directory using the original URL filename/extension (including .php). By passing an invalid resolution parameter, an a...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /download URL validation process. An attacker can access internal resources or trigger unintended network requests by crafting a browser-side redirect that bypasses validation. Remediation Upgrad...
EUVD-2025-208883
OS command injection in the CWMP client /ftl/bin/cwmp of Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers controlling the ACS endpoint to execute arbitrary commands as root via a crafted TR-069 Download URL that is passed unescaped into t...
CVE-2025-67113
OS command injection in the CWMP client /ftl/bin/cwmp of Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers controlling the ACS endpoint to execute arbitrary commands as root via a crafted TR-069 Download URL that is passed unescaped into t...
PT-2026-26318
OS command injection in the CWMP client /ftl/bin/cwmp of Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers controlling the ACS endpoint to execute arbitrary commands as root via a crafted TR-069 Download URL that is passed unescaped into t...
CVE-2025-67113
CVE-2025-67113 describes an OS command injection in the CWMP client (/ftl/bin/cwmp) of the Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware prior to DG3934v3@2308041842. The root cause is unescaped TR-069 Download URL input being passed into the firmware upgrade pipeline, allowing remot...
PT-2026-24169
Name of the Vulnerable Software and Affected Versions FileBrowser versions prior to 1.3.1-beta and 1.2.2-stable Description An incomplete remediation for a previous issue allows disclosure of tokenized download URLs via the /public/api/share/info endpoint for password-protected shares. The issue...
CVE-2026-3189
A weakness has been identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This vulnerability affects unknown code of the file /api/admin/common/files/download. Executing a manipulation of the argument url can lead to server-side request forgery. The attack can be executed remotely. Attacks ...