Unauthenticated File Download Vulnerability in Aseco Lietuva DVS Avilys
CVE-2022-27192 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files.
Learn more about our Web Application Penetration Testing UK.