Описание
An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 5.220 (включая)
Одновременно
cpe:2.3:o:macgregor:interschalt_vdr_g4e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:macgregor:interschalt_vdr_g4e:-:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.0107
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal.
EPSS
Процентиль: 77%
0.0107
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22