CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-22514
https://notcve.org/view.php?id=CVE-2024-22514
An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file. Un problema descubierto en iSpyConnect.com Agent DVR 5.1.6.0 permite a los atacantes ejecutar archivos arbitrarios restaurando un archivo de copia de seguridad manipulado. • https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution https://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-22515
https://notcve.org/view.php?id=CVE-2024-22515
Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to upload arbitrary files via the upload audio component. Vulnerabilidad de carga de archivos sin restricciones en iSpyConnect.com Agent DVR 5.1.6.0 permite a atacantes cargar archivos arbitrarios a través del componente de carga de audio. • https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution https://github.com/Orange-418/CVE-2024-22515-File-Upload-Vulnerability • CWE-434: Unrestricted Upload of File with Dangerous Type •