CVE-2020-17385

Summary

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system.

Affected Software

VendorProductVersion RangeStatus
CellopointCelloOS0 <= v4.1.10 Build 20190922affected

Weaknesses

  • Unauthenticated Arbitrary File Disclosure

ADP Enrichment

CVE Program Container

Additional References

References