25 matches found
CVE-2025-15066
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Missing Authorization vulnerability in Innorix WP allows Path Traversal.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15067
Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15067
Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15066
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Missing Authorization vulnerability in Innorix WP allows Path Traversal.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15067 Unrestricted File Upload and RCE in Innorix WP
Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15067 Unrestricted File Upload and RCE in Innorix WP
Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15067
CVE-2025-15067 affects Innorix WP. The issue is an Unrestricted Upload of File with Dangerous Type that can allow uploading a Web Shell to the web server when anexam directory exists under the installation path (e.g., innorix/exam). All versions are affected as stated in the initial description. ...
EUVD-2025-205541
Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15066 Arbitrary File Download through Path Traversal in Innorix WP
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Missing Authorization vulnerability in Innorix WP allows Path Traversal.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15066 Arbitrary File Download through Path Traversal in Innorix WP
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Missing Authorization vulnerability in Innorix WP allows Path Traversal.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
CVE-2025-15066
CVE-2025-15066 affects Innorix WP with a path traversal flaw due to improper pathname restriction in the installation directory (exam directory). All versions are implicated if innorix/exam exists; can lead to arbitrary file download. Exploitation details are not provided beyond the description; ...
EUVD-2025-205542
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Missing Authorization vulnerability in Innorix WP allows Path Traversal.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...
PT-2025-53678
Name of the Vulnerable Software and Affected Versions Innorix WP affected versions not specified Description A path traversal and missing authorization issue exists in Innorix WP. The issue allows path traversal if the 'exam' directory exists under the product’s installation directory e.g.,...
INNORIX WP 安全漏洞
INNORIX WP is a high-capacity file transfer software from the Korean company INNORIX. A security vulnerability exists in INNORIX WP that stems from improper path restriction and lack of authorization, which could lead to path traversal...
INNORIX WP 安全漏洞
INNORIX WP is a high-capacity file transfer software from the Korean company INNORIX. A security vulnerability exists in INNORIX WP that stems from an unrestricted upload of dangerous types of files, which could result in the upload of a Web Shell to a Web server...
PT-2025-53679
Name of the Vulnerable Software and Affected Versions Innorix WP affected versions not specified Description The software contains a flaw related to unrestricted file uploads, potentially allowing an attacker to upload a web shell to a web server. This issue arises if the 'exam' directory exists...
EUVD-2020-28783
Malware in sbrugna...
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to ...
Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. "One characteristic of the attacks identified in 2023 is that there are numerous malware strains...
CVE-2020-7851
Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing...