Описание
SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:trex:7.10:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02124
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592.
EPSS
Процентиль: 84%
0.02124
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-94