PT-2024-16900 · Unknown · Trcore Dvc
Kun Xian Lin
·
Published
2024-11-17
·
Updated
2024-11-20
·
CVE-2024-11309
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TRCore DVC versions up to 6.3
Description
The issue allows unauthenticated remote attackers to exploit a Path Traversal vulnerability, enabling them to read arbitrary system files. This can lead to unauthorized file access.
Recommendations
For versions up to 6.3, patch immediately and review file permissions to mitigate the risk of exploitation.
Fix
Path traversal
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Trcore Dvc