| |
Podatność CVE-2024-41925
Publikacja: 2024-10-03 Modyfikacja: 2024-10-04
Opis: |
The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and execute remote code. |
Typ:
CWE-98 (Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion'))
Referencje: |
https://www.cisa.gov/news-events/ics-advisories/icsa-24-275-01
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|