3 matches found
CVE-2023-23063
Cellinx NVT on version 1.0.6.002b contains a local file disclosure via /cgi-bin/GetFileContent.cgi. The issue allows unauthenticated attackers to read arbitrary files from the server by supplying a path in the GetFileContent.cgi component, exposing sensitive data such as configuration files or vi...
CVE-2020-28250
CVE-2020-28250 affects Cellinx NVT Web Server 5.0.0.014b.test (2019-09-05). The vulnerability allows a remote user to run commands as root via SetFileContent.cgi because authentication is performed on the client side. Exploitation details are not provided in the documents; no patch/version remedi...
CVE-2024-24215
Summary: CVE-2024-24215 affects Cellinx NVT Web Server 5.0.0.014. The flaw is in /cgi-bin/GetJsonValue.cgi, enabling an attacker to leak configuration information via a crafted POST request. The NVD/Red Hat/CNNVD entries confirm the same component and impact (information disclosure) without detai...