← volver
CVE-2019-12310

CVE-2019-12310

EPSS 3.3%
ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote attackers to view and retrieve verbose logging information. Files within this directory were observed to contain sensitive run-time information, including Base64 encoded 'support' credentials, leading to administrative access of the device.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://exagrid.com/exagrid-products/resources/https://www.inquisitllc.com/exagrid-directory-traversal-vulnerability-to-support-credential-extraction/