CVE-2026-22915

An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information...

CVE-2024-8685

Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to list device directories via the ‘/pictory/php/getFileList.php’ endpoint in the ‘dir’ parameter...

CVE-2024-8685 Path-Traversal vulnerability in Revolution Pi

Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH. This vulnerability could allow an authenticated attacker to list device directories via the ‘/pictory/php/getFileList.php’ endpoint in the ‘dir’ parameter...

CVE-2024-8685

CVE-2024-8685 affects Revolution Pi (KUNBUS GmbH) and is a path-traversal vulnerability exploiting the dir parameter of /pictory/php/getFileList.php. An authenticated attacker could list device directories. The CVE details present in multiple feeds consistently describe the issue but do not provi...

Fortinet FortiNAC 命令注入漏洞

Fortinet FortiNAC is a set of network access control solutions from the U.S. company Fita Fortinet. The product is primarily used for network access control and IoT security. Fortinet FortiNAC suffers from a command injection vulnerability that stems from the presence of a command injection...

Ecoa Bas controller 路径遍历漏洞

Ecoa Bas controller is a building automation controller from Ecoa Technologies Corp. in China. A path traversal vulnerability exists in Ecoa Bas controller, which can be exploited by attackers to compromise the device directory content by using the GET parameter in the file manager...