Description
CuteHttpFileServer v.3.1 version has an arbitrary file download vulnerability, which allows attackers to download arbitrary files on the server and obtain sensitive information.
References (1)
Core 1
Core References
Various Sources
https://www.yuque.com/sickle-ffnce/awixr8/gsu7nyi0gu9q1nl8
Scores
CVSS v3
7.1
EPSS
0.0024
EPSS Percentile
14.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-22
Status
published
Published
Apr 19, 2024
Tracked Since
Feb 18, 2026