CVE-2020-36898 | THREATINT

Description

QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file deletion vulnerability in the QH.aspx endpoint that allows remote attackers to delete files without authentication. Attackers can exploit the 'data' parameter by sending a POST request with file paths to delete arbitrary files with web server permissions using directory traversal sequences.

PUBLISHED Reserved 2025-12-09 | Published 2025-12-10 | Updated 2025-12-11 | Assigner VulnCheck

HIGH: 8.8CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status

unaffected

3.0.9

affected

Credits

LiquidWorm as Gjoko Krstic of Zero Science Lab finder

References

www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5580.php exploit

www.exploit-db.com/exploits/48749 (ExploitDB-48749) exploit

www.howfor.com (Official Product Homepage) product

www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5580.php (Vendor Security Advisory for ZSL-2020-5580) vendor-advisory vdb-entry

www.vulncheck.com/...unauthenticated-arbitrary-file-deletion (VulnCheck Advisory: QiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File Deletion) third-party-advisory

cve.org (CVE-2020-36898)

nvd.nist.gov (CVE-2020-36898)

Download JSON