Platinum Upnp SDK through 1.2.0 has a directory traversal vulnerability. The attack could remote attack victim by sending http://ip:port/../privacy.avi URL to compromise a victim's privacy.
References
Link | Resource |
---|---|
https://github.com/plutinosoft/Platinum/commit/9a4ceaccb1585ec35c45fd8e2585538fff6a865e | Patch Third Party Advisory |
https://github.com/plutinosoft/Platinum/issues/22 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-01-21T12:19:25
Updated: 2022-01-21T12:19:25
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-19858
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-21T13:15:08.197
Modified: 2022-01-27T14:37:54.867
Link: CVE-2020-19858
JSON object: View
Redhat Information
No data.
CWE