Medium severity6.5NVD Advisory· Published Aug 25, 2020· Updated Jun 17, 2026
CVE-2020-17386
CVE-2020-17386
Description
Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24.1.10 Build 20190922+ 1 more
- (no CPE)range: 4.1.10 Build 20190922
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- www.twcert.org.tw/tw/cp-132-3847-c62ca-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.