An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-20T13:39:25
Updated: 2024-08-05T00:34:52.417Z
Reserved: 2019-08-10T00:00:00
Link: CVE-2019-14914
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-20T14:15:11.307
Modified: 2024-11-21T04:27:40.550
Link: CVE-2019-14914
Redhat
No data.