Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/file_to_disclose Directory Traversal URI. NOTE: The manufacturer indicated that the affected version does not exist. Furthermore, they indicated that they detected this problem in an internal audit more than 3 years ago and fixed it in 2017.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-03T14:30:27
Updated: 2024-08-04T15:26:09.377Z
Reserved: 2020-09-01T00:00:00
Link: CVE-2020-25068
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-03T15:15:11.753
Modified: 2024-11-21T05:17:11.760
Link: CVE-2020-25068
Redhat
No data.