CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2024-22514
https://notcve.org/view.php?id=CVE-2024-22514
06 Feb 2024 — An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file. Un problema descubierto en iSpyConnect.com Agent DVR 5.1.6.0 permite a los atacantes ejecutar archivos arbitrarios restaurando un archivo de copia de seguridad manipulado. • https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2024-22515
https://notcve.org/view.php?id=CVE-2024-22515
06 Feb 2024 — Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to upload arbitrary files via the upload audio component. Vulnerabilidad de carga de archivos sin restricciones en iSpyConnect.com Agent DVR 5.1.6.0 permite a atacantes cargar archivos arbitrarios a través del componente de carga de audio. • https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13093
https://notcve.org/view.php?id=CVE-2020-13093
15 May 2020 — iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. iSpyConnect.com Agent DVR versiones anteriores a 2.7.1.0, permite un salto de directorio. • https://www.ispyconnect.com/producthistory.aspx?productid=27 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •