exploitDog

GHSA-gww6-fq7j-fjmw

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.

In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.

Ссылки

EPSS

Процентиль: 87%

0.03347

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2019-10985

CVSS3: 9.1

nvd

больше 6 лет назад

In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage this vulnerability to delete files while posing as an administrator.

BDU:2019-03767

CVSS3: 9.1

fstec

больше 6 лет назад

Уязвимость процесса webvrpcs программного обеспечения удаленного мониторинга Advantech WebAccess, позволяющая нарушителю удалять файлы

EPSS

Процентиль: 87%

0.03347

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22