A vulnerability has been identified in Omnivise T3000...
Moderate severity
Unreviewed
Published
Aug 2, 2024
to the GitHub Advisory Database
•
Updated Aug 2, 2024
Description
Published by the National Vulnerability Database
Aug 2, 2024
Published to the GitHub Advisory Database
Aug 2, 2024
Last updated
Aug 2, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected devices allow authenticated users to export diagnostics data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download arbitrary files from the file system.
References