CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Lcnet: >> Smart Evision >> 2022.03.21 Security Vulnerabilities

CVE-2022-39034

Smart eVision has a path traversal vulnerability in the Report API function due to insufficient filtering for special characters in URLs. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication, access restricted paths and download system files.

CVSS Score

6.5

EPSS Score

0.002

Published

2022-09-28

Page 1

Vulnerabilities

Vulnerable Software

Lcnet: >> Smart Evision >> 2022.03.21 Security Vulnerabilities

Products

Pricing

Contact Us