Описание
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0.527 (включая)
cpe:2.3:a:clipsoft:rexpert:*:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00479
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-264
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
EPSS
Процентиль: 64%
0.00479
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-264
NVD-CWE-noinfo