CVE-2024-3218
Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversal
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversal
A vulnerability classified as critical has been found in Shibang Communications IP Network Intercom Broadcasting System 1.0. This affects an unknown part of the file /php/busyscreenshotpush.php. The manipulation of the argument jsondata[callee]/jsondata[imagename] leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259065 was assigned to this vulnerability.
Es wurde eine Schwachstelle in Shibang Communications IP Network Intercom Broadcasting System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /php/busyscreenshotpush.php. Durch Manipulation des Arguments jsondata[callee]/jsondata[imagename] mit unbekannten Daten kann eine path traversal: '../filedir'-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CWE-24 Path Traversal: '../filedir'
| 2024-04-02: | Advisory disclosed |
| 2024-04-02: | VulDB entry created |
| 2024-04-02: | VulDB entry last update |
Guo Jiabao (VulDB User)
vuldb.com/?id.259065 (VDB-259065 | Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversal)
vuldb.com/?ctiid.259065 (VDB-259065 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/?submit.308510 (Submit #308510 | Shibang Communications Co., Ltd. IP network intercom broadcasting system v1.0 Write any file)
github.com/garboa/cve_3/blob/main/file_put_content.md
Support options
