exploitDog

GHSA-p7jx-m4x8-cghf

Опубликовано: 18 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.

WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.

Ссылки

EPSS

Процентиль: 38%

0.00169

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2023-45912

CVSS3: 7.5

nvd

больше 2 лет назад

WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.

EPSS

Процентиль: 38%

0.00169

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200