High severity8.8NVD Advisory· Published Sep 21, 2017· Updated Jun 17, 2026
CVE-2017-12929
CVE-2017-12929
Description
Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:tecnovision:dlx_spot_player4:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:tecnovision:dlx_spot_player4:-:*:*:*:*:*:*:*
- (no CPE)range: >1.5.10
Patches
Vulnerability mechanics
References
1- packetstormsecurity.com/files/144258/DlxSpot-Shell-Upload.htmlnvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.