CVE-2024-6049

Nov. 21, 2024, 9:48 a.m.

7.5
High

Description

The web server of Lawo AG vsm LTC Time Sync (vTimeSync) is affected by a "..." (triple dot) path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only possible if the requested file has some file extension, e. g. .exe or .txt.

Product(s) Impacted

Product Versions
Lawo AG vsm LTC Time Sync (vTimeSync)
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-32
Path Traversal: '...' (Triple Dot)
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '...' (triple dot) sequences that can resolve to a location that is outside of that directory.

References

https://lawo.com/lawo-downloads/
https://r.sec-consult.com/lawo
http://seclists.org/fulldisclosure/2024/Oct/7

Tags

551230f0-3615-47bd-b7cc-93e92e730bbf
2024-10-24
CVE-2024-6049
CWE-32

CVSS Score

7.5 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: NONE
  • Availability Impact: NONE

    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

    View Vector String

Timeline

Published: Oct. 24, 2024, 8:15 a.m.
Last Modified: Nov. 21, 2024, 9:48 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

551230f0-3615-47bd-b7cc-93e92e730bbf

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.