CVE-2024-22515
Description
Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to upload arbitrary files via the upload audio component.
NVD
Severity: HIGH
CVE ID: CVE-2024-22515
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Orange-418
CVE-2024-22515 arbitrary file upload and CVE-2024-22514 remote code execution for AgentDVR 5.1.6.0 (Authenticated)
Refrence: GitHub
Orange-418
Refrence: GitHub