CNNVD-202510-2269 Information

Oct 15, 2025 cve

CNNVD ID

CNNVD-202510-2269

CVE-2024-13991

CNNVD Published: 2025-10-15

Description (Chinese)

HuiJieTong Cloud Video Platform是中国慧捷通（HuiJieTong）公司的一个云视频平台。 HuiJieTong Cloud Video Platform存在安全漏洞，该漏洞源于未经验证的攻击者可向/fileDownload?action=downloadBackupFile端点的fullPath参数提供任意文件路径，可能导致路径遍历攻击。

Description (English)

Huiji Tong Cloud Video Platform is a cloud video platform for Huijie Tong in China. There is a security loophole in HuiJieTong Cloud Video Platform, which originates from uncertified assailants who can provide a full-file path to the fullPath parameter at the end of /fileDownload?action=downloadBackupFile, which could lead to a full-scale attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

慧捷通

Published

2025-10-15

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/huijietong-cloud-video-platform-filedownload-arbitrary-file-read https://cn-sec.com/archives/2941393.html https://access.redhat.com/security/cve/cve-2024-13991

Share on: