Products
WebIQ
- 2.15.9
Source
vulnreport@tenable.com
Tags
CVE-2024-8752 details
Published : Sept. 16, 2024, 4:15 p.m.
Last Modified : Sept. 16, 2024, 6:03 p.m.
Last Modified : Sept. 16, 2024, 6:03 p.m.
Description
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
References
URL | Source |
---|---|
https://www.tenable.com/security/research/tra-2024-38 | vulnreport@tenable.com |
This website uses the NVD API, but is not approved or certified by it.