Описание
Directory traversal vulnerability in Enriva Development Magellan Explorer 3.32 build 2305 and earlier allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.32_build2305 (включая)
cpe:2.3:a:enriva_development:magellan_explorer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00543
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in Enriva Development Magellan Explorer 3.32 build 2305 and earlier allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder.
EPSS
Процентиль: 67%
0.00543
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-22