Описание
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package file crafted by the attacker.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- MitigationVendor Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.96 (включая) до 10.97.2 (включая)
cpe:2.3:a:iconics:genesis64:*:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00247
Низкий
6.3 Medium
CVSS3
7.1 High
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 7.1
github
около 3 лет назад
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package file crafted by the attacker.
EPSS
Процентиль: 48%
0.00247
Низкий
6.3 Medium
CVSS3
7.1 High
CVSS3
Дефекты
CWE-22
CWE-22