VYPR

CGE

by Chtsecurity

CVEs (2)

  • CVE-2021-22858HigFeb 17, 2021
    risk 0.57cvss 8.8epss 0.01

    Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions.

  • CVE-2021-22857HigFeb 17, 2021
    risk 0.49cvss 7.5epss 0.02

    The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system files arbitrarily.