Arbitrary File Upload and Directory Traversal Vulnerability in AgeVolt Portal

Arbitrary File Upload and Directory Traversal Vulnerability in AgeVolt Portal

CVE-2022-38484 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An arbitrary file upload and directory traversal vulnerability exist in the file upload functionality of the System Setup menu in AgeVolt Portal prior to version 0.1. A remote authenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with web server privileges.

Learn more about our Web App Pen Testing.