Filtered by vendor Lawo
Subscriptions
Filtered by product Vsm Ltc Timesync
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-6049 | 1 Lawo | 1 Vsm Ltc Timesync | 2024-10-25 | 7.5 High |
| The web server of Lawo AG vsm LTC Time Sync (vTimeSync) is affected by a "..." (triple dot) path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only possible if the requested file has some file extension, e. g. .exe or .txt. | ||||
Page 1 of 1.