exploitDog

CVE-2019-14251

Опубликовано: 09 дек. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Средний

Описание

An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocServer() to traverse the file system and access files or directories that are outside of the restricted directory because WealthT24/GetImage is used with the docDownloadPath and uploadLocation parameters.

Ссылки

https://github.com/kmkz/exploit/blob/master/CVE-2019-14251-TEMENOS-T24.txt
Exploit
Third Party Advisory
https://github.com/kmkz/exploit/blob/master/CVE-2019-14251-TEMENOS-T24.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:temenos:t24:r15.01:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.56609

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-ch35-w937-rw95

github

больше 3 лет назад

An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocServer() to traverse the file system and access files or directories that are outside of the restricted directory because WealthT24/GetImage is used with the docDownloadPath and uploadLocation parameters.

EPSS

Процентиль: 98%

0.56609

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22