← voltar
CVE-2014-2352

Cogent DataHub Path Traversal

CVSS 7.8 EPSS 2.3%CWE-22
The directory specifier can include designators that can be used to traverse the directory path. Exploiting this vulnerability may enable an attacker to access a limited number of hardcoded file types. Further exploitation of this vulnerability may allow an attacker to cause the web server component to enter a denial-of-service condition.
AV:N/AC:L/Au:N/C:C/I:N/A:N
Produtos afetados
Cogent · DataHub

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://cogentdatahub.com/Download_Software.htmlhttp://ics-cert.us-cert.gov/advisories/ICSA-14-149-02https://www.cisa.gov/news-events/ics-advisories/icsa-14-149-02