Vulnerabilities > CVE-2024-9922 - Unspecified vulnerability in Teamplus Team+ PRO

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

teamplus

NVD

Published: 2024-10-14

Updated: 2024-10-24

Summary

The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.

Vulnerable Configurations

Part	Description	Count
Application	Teamplus Teamplus Team+ PRO *	1

References

https://www.twcert.org.tw/tw/cp-132-8126-5d9d2-1.html
https://www.twcert.org.tw/en/cp-139-8127-41699-2.html