Unrated severityNVD Advisory· Published Feb 15, 2024· Updated Aug 2, 2024
Hgiga OAKlouds - Arbitrary File Read And Delete
CVE-2024-26261
Description
The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File Read and Delete vulnerability. Attackers can put file path in specific request parameters, allowing them to download the file without login. Furthermore, the file will be deleted after being downloaded.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.chtsecurity.com/news/e456f679-9091-4de4-8f78-9262d20d6a96mitrethird-party-advisory
- www.twcert.org.tw/tw/cp-132-7674-bdb40-1.htmlmitrethird-party-advisory
News mentions
0No linked articles in our index yet.