An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-09-20T13:39:25

Updated: 2024-08-05T00:34:52.417Z

Reserved: 2019-08-10T00:00:00

Link: CVE-2019-14914

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-09-20T14:15:11.307

Modified: 2024-11-21T04:27:40.550

Link: CVE-2019-14914

cve-icon Redhat

No data.