A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any HTTP request.
Metrics
Affected Vendors & Products
References
History
Tue, 22 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Vilo
Vilo 5 Mesh Wifi System |
|
Weaknesses | CWE-116 CWE-79 |
|
CPEs | cpe:2.3:h:vilo:5_mesh_wifi_system:*:*:*:*:*:*:*:* | |
Vendors & Products |
Vilo
Vilo 5 Mesh Wifi System |
|
Metrics |
cvssV3_1
|
Mon, 21 Oct 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any HTTP request. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-21T00:00:00
Updated: 2024-10-22T13:46:38.226Z
Reserved: 2024-07-05T00:00:00
Link: CVE-2024-40088
Vulnrichment
Updated: 2024-10-22T13:46:31.936Z
NVD
Status : Awaiting Analysis
Published: 2024-10-21T21:15:06.080
Modified: 2024-10-23T15:12:34.673
Link: CVE-2024-40088
Redhat
No data.