The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.

Criminal IP


Criminal IP is an OSINT-based Cyber Threat Intelligence Search Engine. Discover everything about cybersecurity, including IP addresses, URLs, IoT devices, C2 servers, CVE vulnerabilities, exploits, and data integration into Criminal IP API.

Listed: