Directory Traversal Vulnerability in ZLMediaKit by ZLMedia
CVE-2023-31861

7.5HIGH

Key Information:

Vendor: Zlmediakit
Status: Zlmediakit
Vendor: CVE Published:; 25 May 2023

What is CVE-2023-31861?

ZLMediaKit 4.0 is susceptible to a directory traversal vulnerability that allows attackers to gain unauthorized access to the file system. By exploiting this flaw, malicious actors can read sensitive files outside of the intended directories, potentially compromising the security of the system. Proper mitigations and regular software updates are essential to safeguard against such vulnerabilities.

References

https://github.com/nbb651/CVE-ZLMediaKit/blob/main/README.md

https://gist.github.com/nbb651/5aa72867fc1df3ef52e690b293...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 25, 2023
Vulnerability Reserved
Apr 29, 2023

CVE-2023-31861 Data

JSON

Zlmediakit

What is CVE-2023-31861?

References

CVSS V3.1

Timeline