← Back

CVE-2024-33863

nvd nist
Published: May 14, 2024Modified: Apr 28, 2025

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/Cdn/GetFile local file inclusion.

Affected (1)

Products: Linqi: Linqi
Linqi
1 product
Linqi
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Linqi
Before 1.4.0.1
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

References (4)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Product
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Product

Timeline

No history available yet.