CVE

CVE-2022-39034

admin

CVE-2022-39034

Smart eVision has a path traversal vulnerability in the Report API function due to insufficient filtering for special characters in URLs. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication, access restricted paths and download system files.

Source: CVE-2022-39034

Exit mobile version