CVE-2023-27105

A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal...

CVE-2018-10863

It was discovered that redhat-certification 7 is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory, through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information...

Problem with directory permissions in JP1/Automatic Operation

Overview There is a problem of permissions on file transfer directory in JP1/Automatic Operation. Impact Malicious local users might refer or modify transferred files. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

Sword go side door---SUBST magical-vulnerability warning-the black bar safety net

Source:T00ls Sometimes we invade when there is no way to include the site directory, this time you can try using the SUBST transfer directory: Everyone take a look: ! There is no way the column directory, we execute the CMD DIR command to see: ! Or not, we execute the CMD of the SUBST command: ! ...