Описание
An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary file reading via path traversal allows an attacker to access arbitrary files and directories on the server.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 11.50.18 (включая)
Одновременно
cpe:2.3:o:fidelex:fx-2030a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:fidelex:fx-2030a_controller:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:fidelex:fx-2030a-basic_firmware:11.50.18:*:*:*:*:*:*:*
cpe:2.3:h:fidelex:fx-2030a-basic_controller:-:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01713
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary file reading via path traversal allows an attacker to access arbitrary files and directories on the server.
EPSS
Процентиль: 82%
0.01713
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22