4 matches found
CVE-2022-28710
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-30534
An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-30534
CVE-2022-30534 affects WWBN AVideo 11.6 and dev master commit 3f7c0364. The OS command injection occurs in the aVideoEncoder chunkfile handling, where a specially crafted HTTP request leads to arbitrary command execution. Talos details show the vulnerability path via the aVideoEncoder.json.php fl...
PT-2022-19186 · Wwbn · Avideo
Name of the Vulnerable Software and Affected Versions: WWBN AVideo versions 11.6 and dev master commit 3f7c0364 Description: An information disclosure issue exists in the chunkFile functionality, allowing an attacker to read arbitrary files by sending a specially-crafted HTTP request...