Описание
Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not require user interaction.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:fox-it:fox_datadiode_firmware:3.4.3:*:*:*:*:*:*:*
cpe:2.3:h:fox-it:fox_datadiode:-:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02128
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 9.8
github
больше 2 лет назад
Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not require user interaction.
EPSS
Процентиль: 84%
0.02128
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22