3 matches found
CVE-2025-51463
Path Traversal in restorerunbackup in AIM 3.28.0 allows remote attackers to write arbitrary files to the server's filesystem via a crafted backup tar file submitted to the runinstruction API, which is extracted without path validation during restoration...
CVE-2025-51463
CVE-2025-51463 concerns AIM 3.28.0, where a path traversal flaw in the restore_run_backup() function lets remote attackers craft a backup tar for the run_instruction API and write arbitrary files to the server filesystem because paths are not validated during extraction. Affected component: AIM s...
CVE-2025-51463
Path Traversal in restorerunbackup in AIM 3.28.0 allows remote attackers to write arbitrary files to the server's filesystem via a crafted backup tar file submitted to the runinstruction API, which is extracted without path validation during restoration...