9 matches found
EUVD-2024-51021
Malicious code in bioql PyPI...
CVE-2024-12646 Chunghwa Telecom topm-client - Arbitrary File Delete
The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection in the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12646
The CVE-2024-12646 entry concerns Chunghwa Telecom’s topm-client. Affected component: topm-client API surface that lacks CSRF protection, enabling unauthenticated remote attackers to interact with the local web server via phishing. A second issue is an Absolute Path Traversal vulnerability in one...
CVE-2024-12646 Chunghwa Telecom topm-client - Arbitrary File Delete
The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection in the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12645 Chunghwa Telecom topm-client - Arbitrary File Read
The topm-client from Chunghwa Telecom has an Arbitrary File Read vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12645 Chunghwa Telecom topm-client - Arbitrary File Read
The topm-client from Chunghwa Telecom has an Arbitrary File Read vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12645
CVE-2024-12645 affects Chunghwa Telecom topm-client. One API is vulnerable to Relative Path Traversal and the suite also lacks CSRF protection, enabling phishing-based unauthenticated access to read arbitrary files on the user’s system. Per CNNVD, affected topm-client versions are 0.3.14 through ...
Chunghwa Telecom topm-client 安全漏洞
Chunghwa Telecom topm-client is an application from Chunghwa Telecom Taiwan, China. A security vulnerability exists in Chunghwa Telecom topm-client versions 0.3.14 through 0.3.17, which stems from the presence of arbitrary file deletion and lack of CSRF protection, as well as an absolute path...
Chunghwa Telecom topm-client 安全漏洞
Chunghwa Telecom topm-client is an application from Chunghwa Telecom Taiwan, China. A security vulnerability exists in Chunghwa Telecom topm-client versions 0.3.14 through 0.3.17, which stems from the presence of arbitrary file reading and lack of CSRF protection, as well as a relative path...