| |
Podatność CVE-2022-40977
Publikacja: 2022-11-24
| Opis: |
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated remote attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip'). |
Typ:
CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
Referencje: |
https://cert.vde.com/en/advisories/VDE-2022-033/
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English