VYPR
Medium severity6.5NVD Advisory· Published Aug 25, 2020· Updated Jun 17, 2026

CVE-2020-17386

CVE-2020-17386

Description

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Cellopoint/CelloOSllm-fuzzy2 versions
    4.1.10 Build 20190922+ 1 more
    • (no CPE)range: 4.1.10 Build 20190922
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.