Описание
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 6.1.1 (включая)
Одновременно
cpe:2.3:o:loytec:lvis-3me_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:loytec:lvis-3me:-:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.0196
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-23
CWE-22
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code.
EPSS
Процентиль: 83%
0.0196
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-23
CWE-22