CVE-2024-35474 | iceice666 ResourcePack Server up to 1.0.7 ResourcePackFileServer.kt setPath path traversal

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability classified as critical was found in iceice666 ResourcePack Server up to 1.0.7. Affected by this vulnerability is the function setPath of the file ResourcePackFileServer.kt. The manipulation leads to path traversal.

This vulnerability is known as CVE-2024-35474. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-35474 | iceice666 ResourcePack Server up to 1.0.7 ResourcePackFileServer.kt setPath path traversal

Related Posts

CVE-2024-5583 | posimyththemes The Plus Addons for Elementor Plugin up to 5.6.2 on WordPress Testimonials Widget carousel_direction cross site scripting

CVE-2024-6572 | Checkmk up to 2.0.0p39/2.1.0p47/2.2.0p32/2.3.0p14 Check SFTP Service key exchange without entity authentication

CVE-2024-10122 | Topdata Inner Rep Plus WebServer 2.01 Operator Details Form /InnerRepPlus.html missing password field masking

CVE-2023-52139 | Misskey prior 2023.12.1 improper authorization (GHSA-7pxq-6xx9-xpgm)