2 matches found
CVE-2026-2985 Tiandy Video Surveillance System 视频监控平台 CLSBODownLoad.java downloadImage server-side request forgery
A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a manipulation of the argument urlPath results in server-side request forgery. The attack is possible...
CVE-2026-2985
CVE-2026-2985 affects Tiandy Video Surveillance System 7.17.0. The flaw resides in the downloadImage function of /com/tiandy/easy7/core/bo/CLSBODownLoad.java, where manipulating the urlPath argument enables server-side request forgery. The vulnerability can be exploited remotely, with public expl...