Описание
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a path traversal vulnerability in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the /upload endpoint.
Ссылки
- Third Party Advisory
- Product
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.0 (включая)
Одновременно
cpe:2.3:o:indu-sol:profinet-inspektor_nt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:indu-sol:profinet-inspektor_nt:-:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00255
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
почти 2 года назад
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a path traversal vulnerability in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the /upload endpoint.
EPSS
Процентиль: 49%
0.00255
Низкий
7.5 High
CVSS3
Дефекты
CWE-22