← volver
CVE-2021-28485

CVE-2021-28485

EPSS 0.5%
In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.ericsson.com/en/about-us/security/psirthttps://www.gruppotim.it/it/footer/red-team.html