CVE-2024-13991
BaseFortify
Publication date: 2025-10-15
Last updated on: 2025-11-03
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huijietong | cloud_video_platform | 4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2024-13991 is a path traversal vulnerability in the Huijietong Cloud Video Platform. It allows an unauthenticated attacker to manipulate the 'fullPath' parameter in the '/fileDownload?action=downloadBackupFile' endpoint to supply arbitrary file paths. This enables the attacker to read any file on the server's filesystem without authentication or user interaction. [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow attackers to read sensitive files on the server, such as configuration files and stored account credentials. This exposure can lead to further attacks, data breaches, and compromise of the server and its data. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by searching for access attempts to the vulnerable endpoint `/fileDownload?action=downloadBackupFile` with the `fullPath` parameter being manipulated. Tools like Fofa, Hunter, and Quake can be used to identify affected systems by searching for specific API paths. For example, searching for requests containing `/fileDownload?action=downloadBackupFile` or monitoring web server logs for suspicious requests to this endpoint can help detect exploitation attempts. Additionally, attempting to access sensitive files such as `/etc/passwd` via the vulnerable parameter can confirm the presence of the vulnerability. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing temporary blacklist rules for the vulnerable interface in the Web Application Firewall (WAF) to block exploitation attempts. It is also recommended to contact the vendor for patches or upgrade to a fixed version of the Huijietong Cloud Video Platform once available. [2]