CVE-2024-21877

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability through a url parameter in Enphase IQ Gateway formerly known as Envoy allows File Manipulation. The endpoint requires authentication.This issue affects Envoy: from 4.x to 8.0 and 8.2.4225...

PT-2024-19109 · Enphase · Enphase Iq Gateway

Name of the Vulnerable Software and Affected Versions: Enphase IQ Gateway formerly known as Envoy versions 4.x through 8.x Description: The issue is related to an improper neutralization of special elements used in a command, allowing OS command injection. This vulnerability is present in an...