exploitDog

CVE-2023-45278

Опубликовано: 19 окт. 2023

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request.

Ссылки

https://github.com/yamcs/yamcs/compare/yamcs-5.8.6...yamcs-5.8.7
Patch
https://www.linkedin.com/pulse/yamcs-vulnerability-assessment-visionspace-technologies
Exploit
Third Party Advisory
https://github.com/yamcs/yamcs/compare/yamcs-5.8.6...yamcs-5.8.7
Patch
https://www.linkedin.com/pulse/yamcs-vulnerability-assessment-visionspace-technologies
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:spaceapplications:yamcs:5.8.6:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02556

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-43fw-536j-w37j

CVSS3: 9.1

github

больше 2 лет назад

Yamcs API Directory Traversal vulnerability

EPSS

Процентиль: 85%

0.02556

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-22