Unrated severityNVD Advisory· Published Aug 2, 2024· Updated Aug 2, 2024

Digiwin EasyFlow .NET - Arbitrary File Download

CVE-2024-7323

Description

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vulnerability to download arbitrary files from the remote server .

Affected products

Digiwin/Easyflow .netv5
Range: 5.*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.twcert.org.tw/en/cp-139-7990-87183-2.htmlmitrethird-party-advisory
www.twcert.org.tw/tw/cp-132-7989-9c4ea-1.htmlmitrethird-party-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000