CVE-2024-48864

MEDIUM Year: 2024
Weakness Type
CWE-552
View all →

Vulnerability Description

A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4741 and later

Related Vulnerabilities

CVE-2024-39931

CRITICAL
CVSS:9.9(Critical)

Gogs through 0.13.0 allows deletion of internal files.

CWE-5522024

CVE-2017-10930

CRITICAL
CVSS:9.8(Critical)

The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information lik...

CWE-5522017

CVE-2017-14942

CRITICAL
CVSS:9.8(Critical)

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:...

CWE-5522017

CVE-2020-12743

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way prevent use of) its own file /setup/install/setup.php, meaning that anyone can request it...

CWE-5522020

CVE-2023-29931

CRITICAL
CVSS:9.8(Critical)

laravel-s 3.7.35 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php.

CWE-5522023

CVE-2023-48710

CRITICAL
CVSS:9.8(Critical)

iTop is an IT service management platform. Files from the `env-production` folder can be retrieved even though they should have restricted access. Hopefully, there is no sensitive files stored in that...

CWE-5522023