CVE-2024-36857 | Jan 0.4.12 /v1/app/readFileSync path traversal

Posted by Angelo Barbosa | Jun 4, 2024 | CVE

A vulnerability classified as problematic was found in Jan 0.4.12. Affected by this vulnerability is an unknown functionality of the file /v1/app/readFileSync. The manipulation leads to path traversal.

This vulnerability is known as CVE-2024-36857. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-36857 | Jan 0.4.12 /v1/app/readFileSync path traversal

Related Posts

CVE-2024-42606 | Pligg CMS 2.0.2 admin_log.php cross-site request forgery

CVE-2024-41462 | Tenda FH1201 1.2.0.14 ip/goform/DhcpListClient page stack-based overflow

CVE-2024-5879 | HubSpot Plugin up to 11.1.22 on WordPress HubSpot Meeting Widget cross site scripting

CVE-2024-22570 | GreenCMS 2.3 install.php cross site scripting (Issue 11)