9 matches found
CVE-2026-4233
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
EUVD-2026-12399
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233
CVE-2026-4233 pertains to ThingsGateway 12, with a vulnerability in the /api/file/download endpoint. The issue arises from manipulating the fileName parameter, enabling path traversal and remote exploitation. Public exploit appears to be available, and multiple feeds (NVD/Red Hat/ENISA/EUVD/CVE r...
CVE-2026-4233 ThingsGateway download path traversal
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
CVE-2026-4233 ThingsGateway download path traversal
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...
ThingsGateway 路径遍历漏洞
ThingsGateway is an open-source industrial IoT edge computing gateway developed by ThingsGateway. Version 12 of ThingsGateway contains a path traversal vulnerability. This vulnerability stems from improper handling of the fileName parameter in files like /api/file/download, which may lead to path...
PT-2026-25674
A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...