Multiple Services such as VHS(Video History Server) and...
Critical severity
Unreviewed
Published
Jun 27, 2023
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Jun 26, 2023
Published to the GitHub Advisory Database
Jun 27, 2023
Last updated
Apr 4, 2024
Multiple Services such as VHS(Video History Server) and VCD(Video Clip Distributor) and Clips2 were discovered to be vulnerable to an unauthenticated arbitrary file read/write vulnerability due to missing input validation on filenames. A malicious attacker could read sensitive files from the filesystem or write/delete arbitrary files on the filesystem as well.
References