CVE Details: CVE-2024-9922

Description

The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.

Published Date: 2024-10-14
Last Modified Date: 2024-10-15
Severity: HIGH
CVSS v3 Score: 7.5
CWE ID: CWE-23
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

Back to CVE List