CVE-2024-10200 HIGH

CVE-2024-10200: Wellchoose Administrative Management System - Arbitrary File Read through Path Traversal

Vendor Wellchoose

Product Administrative Management System

Weakness CWE-23

Published October 21, 2024

Last update October 21, 2024

View on NVD All CVEs

CVSS base score

7.5/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.

Key dates

02Disclosure timeline

October 21, 2024 CVE published

October 21, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-10200 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/23.html

Related vulnerabilities

CVE-2024-10200: Wellchoose Administrative Management System - Arbitrary File Read through Path Traversal

01Description

02Disclosure timeline

03References

04Related CVE