CVE-2022-38614 Information

Description

An issue in the IGB Files and OutfileService features of SmartVista Cardgen v3.28.0 allows attackers to list and download arbitrary files via modifying the PATH parameter.

Reference

http://bpcbt.com http://smartvista.com https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/list-all-files-in-arbitrary-folder-in-smartvista-cardgen-version-3.28.0-cve-2022-38614