3 matches found
CVE-2024-12646
The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection in the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12646
The CVE-2024-12646 entry concerns Chunghwa Telecom’s topm-client. Affected component: topm-client API surface that lacks CSRF protection, enabling unauthenticated remote attackers to interact with the local web server via phishing. A second issue is an Absolute Path Traversal vulnerability in one...
CVE-2024-12646 Chunghwa Telecom topm-client - Arbitrary File Delete
The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection in the APIs, unauthenticated remote attackers could use these APIs...