CVE-2024-8778 Information

Description

OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality allowing remote attackers with regular privileges to read arbitrary system files.

Reference

https://www.twcert.org.tw/tw/cp-132-8073-ff771-1.html https://www.twcert.org.tw/en/cp-139-8074-66457-2.html