Vulnerability CVE-2024-8778


Published: 2024-09-16

Description:
OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files.

Type:

CWE-36

(Absolute Path Traversal)

 References:
https://www.twcert.org.tw/tw/cp-132-8073-ff771-1.html
https://www.twcert.org.tw/en/cp-139-8074-66457-2.html

Copyright 2024, cxsecurity.com

 

Back to Top