PT-2022-17075 · Ectouch · Ectouch

Published: 2022-02-23 · Updated: 2022-03-03 · CVE-2022-25098

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions

ECTouch version 2

Description

The issue is related to arbitrary file deletion due to insufficient filtering of the filename parameter. This allows for potential unauthorized access and modification of files.

Recommendations

For ECTouch version 2, consider restricting access to the filename parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the filename parameter in sensitive operations until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2022-25098
GHSA-PH62-8768-R87V

Affected Products

Ectouch