9 matches found
CVE-2026-4233
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
EUVD-2026-12399
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233 ThingsGateway download path traversal
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233 ThingsGateway download path traversal
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233
CVE-2026-4233 pertains to ThingsGateway 12, with a vulnerability in the /api/file/download endpoint. The issue arises from manipulating the fileName parameter, enabling path traversal and remote exploitation. Public exploit appears to be available, and multiple feeds (NVD/Red Hat/ENISA/EUVD/CVE r...
ThingsGateway 路径遍历漏洞
ThingsGateway is an open-source industrial IoT edge computing gateway developed by ThingsGateway. Version 12 of ThingsGateway contains a path traversal vulnerability. This vulnerability stems from improper handling of the fileName parameter in files like /api/file/download, which may lead to path...
PT-2026-25674
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...