← Back

Tightrope Media Carousel Digital Signage

tightrope_media_carousel_digital_signage

Vendor: Trms • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-14573
1Trms
1Tightrope Media Carousel Digital Signage
Nov 21, 2024
Jul 23, 2018
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary files through the use of...Show more
A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary files through the use of directory traversal sequences, aka CSL-1683.Show less