VYPR
High severity8.8NVD Advisory· Published Sep 21, 2017· Updated Jun 17, 2026

CVE-2017-12929

CVE-2017-12929

Description

Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:tecnovision:dlx_spot_player4:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:tecnovision:dlx_spot_player4:-:*:*:*:*:*:*:*
    • (no CPE)range: >1.5.10

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.