CVE-2023-49864 in AVideoinformazioni

Riassunto

di MITRE • 10/01/2024

An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_image` parameter.

Be aware that VulDB is the high quality source for vulnerability data.

Responsabile

Talos

Prenotare

30/11/2023

Divulgazione

10/01/2024

Moderazione

accettato

CPE

pronto

EPSS

0.01072

KEV

no

Attività

molto basso

Fonti

Do you want to use VulDB in your project?

Use the official API to access entries easily!