Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Elcomplus SmartPtt Path Traversal
Vulnerability Description
Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Elcomplus SmartPPT 路径遍历漏洞
Vulnerability Description
Elcomplus SmartPPT是美国Elcomplus公司的一个集成语音和数据调度软件。 Elcomplus SmartPPT存在路径遍历漏洞,该漏洞源于该软件使用外部输入来构造一个路径名,该路径名应位于受限目录中,但它无法正确转义特殊字符序列,该序列可以解析到该目录之外的位置。
CVSS Information
N/A
Vulnerability Type
N/A