Описание
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
Дефекты
Связанные уязвимости
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition.
Уязвимость микропрограммного обеспечения серверов геолокации Keysight N6854A, связанная с ошибками в обработке относительного пути к каталогу, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3