9 matches found
EUVD-2024-38311
Malicious code in bioql PyPI...
CVE-2024-39937
supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files...
CVE-2024-39937
supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files...
CVE-2024-39937
supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files...
CVE-2024-39937
supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files...
Bluetron supOS Security Vulnerabilities
Bluetron supOS is an industrial operating system from the Chinese company Bluetron. A security vulnerability exists in Bluetron supOS version 5.0: api/image/download?fileName=../ allows directory traversal to read files...
CVE-2024-39937
supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files...
CVE-2024-39937
CVE-2024-39937 concerns supOS 5.0, where the API endpoint /api/image/download accepts a parameter fileName that can be manipulated with ../ to perform a directory traversal and read arbitrary files. The vulnerability is a path traversal in the image download functionality, leading to potential co...
PT-2024-28744
Name of the Vulnerable Software and Affected Versions: supOS version 5.0. Description: The issue allows directory traversal for reading files via the "api/image/download" endpoint, specifically when the fileName parameter contains ../. This enables unauthorized access to files on the system...