Описание
A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
6.5 Medium
CVSS3
8.1 High
CVSS3
Дефекты
CWE-73
CWE-610
Связанные уязвимости
CVSS3: 6.5
github
больше 2 лет назад
A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.
EPSS
Процентиль: 18%
0.00056
Низкий
6.5 Medium
CVSS3
8.1 High
CVSS3
Дефекты
CWE-73
CWE-610