CVE-2022-24632

MEDIUM

AudioCodes Device Manager Express <7.8.20002.47752 - Path Traversal

Title source: llm

Description

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via the BrowseFiles.php view parameter.

Exploits (1)

exploitdb WORKING POC

by Eric Flokstra · pythonwebappsphp

https://www.exploit-db.com/exploits/51145

View Code ZIP pw:eip

References (1)

[Exploit, Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2023/Feb/12

Scores

CVSS v3 5.3

EPSS 0.5389

EPSS Percentile 98.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

audiocodes/device_manager_express < 7.8.20002.47752

Published May 29, 2023

Tracked Since Feb 18, 2026