An arbitrary file upload and directory traversal vulnerability exist in the file upload functionality of the System Setup menu in AgeVolt Portal prior to version 0.1. A remote authenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with web server privileges.


https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38484
An arbitrary file upload and directory traversal vulnerability exist in the file upload functionality of the System Setup menu in AgeVolt Portal prior to version 0.1. A remote authenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with web server privileges.
2023-10-25T18:17:14Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38484