CVE-2024-10200

Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.
Configurations

Configuration 1 (hide)

cpe:2.3:a:wellchoose:administrative_management_system:-:*:*:*:*:*:*:*

History

24 Oct 2024, 13:57

Type Values Removed Values Added
CPE cpe:2.3:a:wellchoose:administrative_management_system:-:*:*:*:*:*:*:*
References () https://www.twcert.org.tw/en/cp-139-8158-dadbc-2.html - () https://www.twcert.org.tw/en/cp-139-8158-dadbc-2.html - Third Party Advisory
References () https://www.twcert.org.tw/tw/cp-132-8159-0f7a2-1.html - () https://www.twcert.org.tw/tw/cp-132-8159-0f7a2-1.html - Third Party Advisory
CWE CWE-22
First Time Wellchoose
Wellchoose administrative Management System

21 Oct 2024, 17:09

Type Values Removed Values Added
Summary
  • (es) Administrative Management System de Wellchoose tiene una vulnerabilidad de path traversal, lo que permite a atacantes remotos no autenticados explotar esta vulnerabilidad para descargar archivos arbitrarios en el servidor.

21 Oct 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 04:15

Updated : 2024-10-24 13:57


NVD link : CVE-2024-10200

Mitre link : CVE-2024-10200

CVE.ORG link : CVE-2024-10200


JSON object : View

Products Affected

wellchoose

  • administrative_management_system
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-23

Relative Path Traversal