Описание
The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.
Ссылки
- Release NotesThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:emca:energy_logserver:6.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00316
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.
EPSS
Процентиль: 54%
0.00316
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22