CVE-2024-11310 HIGH

CVE-2024-11310: TRCore DVC - Arbitrary File Read through Path Traversal

Vendor Trcore

Product DVC

Weakness CWE-23

Published November 18, 2024

Last update November 18, 2024

View on NVD All CVEs

CVSS base score

7.5/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.

Key dates

02Disclosure timeline

November 18, 2024 CVE published

November 18, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-11310

Related vulnerabilities

CVE-2024-11310: TRCore DVC - Arbitrary File Read through Path Traversal

01Description

02Disclosure timeline

03References

04Related CVE