Описание
AnySupport (Remote support solution) before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. This can be lead to arbitrary file execution.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2019.3.21.0 (исключая)
Одновременно
cpe:2.3:a:anysupport:anysupport:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01101
Низкий
8.4 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-23
CWE-22
Связанные уязвимости
github
больше 3 лет назад
AnySupport (Remote support solution) before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. This can be lead to arbitrary file execution.
EPSS
Процентиль: 78%
0.01101
Низкий
8.4 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-23
CWE-22