aEnrich Technology a+HRD's functionality for downloading files using youtube-dl.exe does not properly restrict user input. This allows attackers to pass arbitrary arguments to youtube-dl.exe, leading to the download of partial unauthorized files.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.twcert.org.tw/tw/cp-132-7726-e5f70-1.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2024-04-15T02:41:18.782Z
Updated: 2024-08-01T20:20:01.574Z
Reserved: 2024-04-15T01:56:14.581Z
Link: CVE-2024-3775
Vulnrichment
Updated: 2024-08-01T20:20:01.574Z
NVD
Status : Awaiting Analysis
Published: 2024-04-15T04:15:16.137
Modified: 2024-11-21T09:30:22.403
Link: CVE-2024-3775
Redhat
No data.