Path Traversal in Huijietong Cloud Video Platform
CVE-2024-13991
Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the `fullPath` parameter of the `/fileDownload?action=downloadBackupFile` endpoint and retri…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.004 (33.5th percentile) — read the EPSS interpretation.
Affected products
Weakness classification (CWE)
References
- disclosure@vulncheck.com (technical-description, exploit)
- disclosure@vulncheck.com (third-party-advisory)