5 matches found
CVE-2023-43802
Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint /upload which handles request with the filename parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can...
CVE-2023-43802
Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint /upload which handles request with the filename parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can...
CVE-2023-43802 Path traversal in Arduino Create Agent
Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint /upload which handles request with the filename parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can...
CVE-2023-43802 Path traversal in Arduino Create Agent
Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint /upload which handles request with the filename parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can...
CVE-2023-43802
Arduino Create Agent is affected by a path traversal vulnerability in the /upload endpoint that processes the filename parameter. A user able to issue HTTP requests to the localhost interface or bypass CORS can escalate privileges to the user running the Arduino Create Agent service via a crafted...