SPON IP Network Broadcast System Arbitrary File Read Vulnerability
Vulnerability
An arbitrary file read vulnerability has been identified in the SPON IP Network Broadcast System, specifically within the rj_get_token.php endpoint. This vulnerability arises from inadequate input validation on the jsondata[url] parameter, allowing attackers to perform directory traversal and access sensitive files on the server. Exploitation of this vulnerability could lead to the disclosure of system configuration, credentials, or internal logic. The affected version range is currently undefined.
Impact
Exploitation of this vulnerability allows for arbitrary file read, with the potential to disclose sensitive information such as system configurations, credentials, or internal application logic.
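A detection check for the request pattern described above, added here as an example and not taken from the vendor or the advisory: it flags requests to rj_get_token.php whose jsondata[url] value contains a traversal segment after repeated percent-decoding. The sample requests, the /app/ path prefix and the decode-round limit are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

ENDPOINT = "rj_get_token.php"   # endpoint named in the advisory
PARAM = "jsondata[url]"         # parameter named in the advisory
MAX_DECODE_ROUNDS = 3           # assumption: enough to unwrap nested encoding

def fully_decode(value):
    """Percent-decode repeatedly so nested encodings (%252e) are unwrapped."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if any path segment equals '..' with / and \\ both as separators."""
    return ".." in re.split(r"[\\/]+", fully_decode(value))

def inspect_request(target, body=""):
    """Return decoded jsondata[url] values that contain a traversal segment.

    target: request target from the log (path plus optional query string)
    body:   urlencoded form body, when the log source captures it
    """
    parts = urlsplit(target)
    if not parts.path.endswith("/" + ENDPOINT):
        return []
    hits = []
    for raw in (parts.query, body):
        for key, value in parse_qsl(raw, keep_blank_values=True):
            if fully_decode(key) == PARAM and has_traversal(value):
                hits.append(fully_decode(value))
    return hits

# Constructed sample requests (target, body); the /app/ prefix is a placeholder.
SAMPLES = [
    ("/app/rj_get_token.php", "jsondata[url]=status/token"),
    ("/app/rj_get_token.php", "jsondata%5Burl%5D=..%2F..%2Fexample.conf"),
    ("/app/rj_get_token.php?jsondata[url]=%252e%252e%255cexample.ini", ""),
    ("/app/other.php", "jsondata[url]=../example.conf"),
]

if __name__ == "__main__":
    for target, body in SAMPLES:
        print(target.split("?")[0], inspect_request(target, body))
```

Access logs normally record only the request target, so matching on the body requires a source that captures form data, such as a WAF or reverse-proxy audit log.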
