A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to exploit this vulnerability.
Metrics
Affected Vendors & Products
References
History
Thu, 03 Oct 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Veertu
Veertu anka Build |
|
CPEs | cpe:2.3:a:veertu:anka_build:1.42.0:*:*:*:*:*:*:* | |
Vendors & Products |
Veertu
Veertu anka Build |
|
Metrics |
ssvc
|
Thu, 03 Oct 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to exploit this vulnerability. | |
Weaknesses | CWE-22 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2024-10-03T15:16:10.932Z
Updated: 2024-10-03T17:22:48.649Z
Reserved: 2024-08-02T16:07:12.893Z
Link: CVE-2024-41163
Vulnrichment
Updated: 2024-10-03T17:02:48.889Z
NVD
Status : Received
Published: 2024-10-03T16:15:05.427
Modified: 2024-10-03T16:15:05.427
Link: CVE-2024-41163
Redhat
No data.