CVE-2021-30173

Summary

Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.

Affected Software

VendorProductVersion RangeStatus
Jun-He Technology Ltd.Quan-Fang-Wei-Tong-Xun system2007.2103affected

Weaknesses

  • CWE-36: CWE-36 Absolute Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References