CVE-2017-7258

Опубликовано: 29 мар. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi allows an Attacker to View Restricted Information or (even more seriously) execute powerful commands on the web server which can lead to a full compromise of the system via Directory Path Traversal, as demonstrated by reading core-emli/Storage. The affected versions are eMLi School Management 1.0, eMLi College Campus Management 1.0, and eMLi University Management 1.0.

Ссылки

http://www.securityfocus.com/bid/97255
Third Party Advisory
VDB Entry
https://sudoat.blogspot.in/2017/03/path-traversal-vulnerability-in-emli.html
Third Party Advisory
http://www.securityfocus.com/bid/97255
Third Party Advisory
VDB Entry
https://sudoat.blogspot.in/2017/03/path-traversal-vulnerability-in-emli.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:auromeera:emli:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.0058

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-ff76-qqwc-mj6r