← voltar
CVE-2021-47795

GeoVision Geowebserver 5.3.3 - Local FIle Inclusion

CVSS 8.7 HIGHEPSS 0.9%CWE-22
GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Geovision · GeoVision Geowebserver

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.exploit-db.com/exploits/50211https://www.geovision.com.tw/cyber_security.phphttps://www.vulncheck.com/advisories/geovision-geowebserver-local-file-inclusion