Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the `fullPath` parameter of the `/fileDownload?action=downloadBackupFile` endpoint and retrieve files from the server filesystem.ย VulnCheck has observed this vulnerability being exploited in the wild.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation2 reference(s) from NVD