CVE-2024-38878

CVSS 6.9 MEDIUM | EPSS 11.5% | CWE-22
In short

An authenticated user can exploit a path traversal flaw in Omnivise T3000's diagnostics export feature to download any file from the server, bypassing intended file access restrictions.

Technical detail

The diagnostics export API endpoint fails to properly validate file paths, allowing authenticated attackers to traverse directory structures (CWE-22) and read arbitrary files. Exploitation requires valid authentication credentials; impact includes unauthorized disclosure of sensitive system and application data.

Summary generated and translated by AI from the official description.
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). Affected devices allow authenticated users to export diagnostics data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download arbitrary files from the file system.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
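As an added illustration of the flaw class described above (this is not the vendor's code, and the export directory and file names are hypothetical), the lookup pattern behind a CWE-22 export endpoint is shown beside a hardened version that confines the resolved path to the export root, plus a simple request-level check a defender can run over export requests:

```python
import os
from pathlib import Path
from urllib.parse import unquote

# Hypothetical export directory; constructed for this example, not a product path.
EXPORT_ROOT = Path("/var/app/diagnostics").resolve()


def resolve_export_path_unsafe(name: str) -> Path:
    """The CWE-22 pattern: user input is joined to the base directory and served.
    '..' segments or an absolute name escape EXPORT_ROOT (os.path.join discards the
    base when the second argument is absolute)."""
    return Path(os.path.join(EXPORT_ROOT, name))


def resolve_export_path_safe(name: str) -> Path:
    """Hardened form: canonicalise the joined path and require it to stay inside
    EXPORT_ROOT; anything else is rejected before any file is opened."""
    candidate = (EXPORT_ROOT / name).resolve()
    try:
        candidate.relative_to(EXPORT_ROOT)
    except ValueError:
        raise PermissionError(f"export name escapes the export root: {name!r}")
    return candidate


def escapes_root(name: str) -> bool:
    """True when the unsafe resolution of `name` lands outside EXPORT_ROOT."""
    resolved = resolve_export_path_unsafe(name).resolve()
    try:
        resolved.relative_to(EXPORT_ROOT)
        return False
    except ValueError:
        return True


def looks_like_traversal(name: str) -> bool:
    """Request-level detection for logs or a WAF rule: percent-decode twice (to catch
    double encoding), normalise backslashes, then flag '..' segments or absolute names."""
    decoded = unquote(unquote(name))
    parts = decoded.replace("\\", "/").split("/")
    return decoded.startswith("/") or ".." in parts


if __name__ == "__main__":
    for requested in ("report.log", "../../../etc/passwd", "/etc/passwd"):
        print(requested, "escapes:", escapes_root(requested),
              "flagged:", looks_like_traversal(requested))
```

The containment check must run on the fully resolved path; rejecting the literal string `..` alone misses encoded and absolute-path variants, which is why the detection helper decodes before inspecting.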
