### [CVE-2024-7729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7729)
![](https://img.shields.io/static/v1?label=Product&message=CMS-20&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=CMS-60&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=CMS-SE&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=CMS-SE(18.04)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=CMS-SE(22.04)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-2100&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-2200&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-2210&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-2300&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-2310&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-2400&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-6000&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-8000&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-8000QD&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SMP-8100&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%204.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.0%3C%3D%204.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-552%20Files%20or%20Directories%20Accessible%20to%20External%20Parties&color=brighgreen)

### Description

The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds