High severity8.1NVD Advisory· Published Feb 6, 2025· Updated Apr 15, 2026
CVE-2024-54909
CVE-2024-54909
Description
A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path parameter of the /api/resource/local/download endpoint, where manipulation of this parameter can lead to arbitrary file download.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = v4.1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.