Описание
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448.
Уязвимые конфигурации
Конфигурация 1Версия до 7.85448 (исключая)
cpe:2.3:a:bitdefender:engines:*:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00184
Низкий
3.2 Low
CVSS3
3.6 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
CWE-20
Связанные уязвимости
github
больше 3 лет назад
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448.
EPSS
Процентиль: 40%
0.00184
Низкий
3.2 Low
CVSS3
3.6 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
CWE-20