From this webpage screenshot, the following key vulnerability information can be obtained: KVSS Meta Temp Score: 4.5 Current Exploit Price: $0–$5k CTI Interest Score: 0.31 Summary A critical vulnerability has been identified in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code within the file . Manipulation of the argument can lead to path traversal. The vulnerability is tracked as CVE-2023-4171. The attack can be executed remotely, and a public exploit is available. Details A vulnerability classified as problematic was discovered in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. It affects an unknown code block in the file . Manipulation of the argument using unknown input results in a path traversal vulnerability. The corresponding CWE classification is CWE-24. The product constructs a pathname using external input that should be confined to a restricted directory, but fails to properly neutralize "../" sequences, which can resolve to locations outside the intended directory. The impact is known to compromise confidentiality. The vulnerability was disclosed on 08/05/2023. An advisory is available on github.com. It is assigned the identifier CVE-2023-4171. Technical details and a public exploit are known. This vulnerability is mapped to T1006 in the MITRE ATT&CK framework.