exploitDog

GHSA-g45j-3ccj-357x

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system.

Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system.

Ссылки

EPSS

Процентиль: 61%

0.00419

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2020-17385

CVSS3: 7.5

nvd

больше 5 лет назад

Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system.

EPSS

Процентиль: 61%

0.00419

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22