CVE-2022-25216
N/A
N/A
Summary
An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access, by means of an HTTP GET request to http://<IP_ADDRESS>:32080/download/<URL_ENCODED_PATH>.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | DVDFab 12 Player / PlayerFab | 6.2.1.0 - 7.0.0.5 | affected |
Weaknesses
- Path traversal
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.