aEnrich Technology a+HRD's functionality for downloading files using youtube-dl.exe does not properly restrict user input. This allows attackers to pass arbitrary arguments to youtube-dl.exe, leading to the download of partial unauthorized files.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2024-04-15T02:41:18.782Z

Updated: 2024-08-01T20:20:01.574Z

Reserved: 2024-04-15T01:56:14.581Z

Link: CVE-2024-3775

cve-icon Vulnrichment

Updated: 2024-08-01T20:20:01.574Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-15T04:15:16.137

Modified: 2024-11-21T09:30:22.403

Link: CVE-2024-3775

cve-icon Redhat

No data.