exploitDog

GHSA-m8p2-4fmh-2gr9

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.

Ссылки

EPSS

Процентиль: 37%

0.0016

Низкий

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2021-34597

CVSS3: 7.8

nvd

больше 4 лет назад

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.

EPSS

Процентиль: 37%

0.0016

Низкий

CVE ID

Дефекты

CWE-20