Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/file_to_disclose Directory Traversal URI. NOTE: The manufacturer indicated that the affected version does not exist. Furthermore, they indicated that they detected this problem in an internal audit more than 3 years ago and fixed it in 2017.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-09-03T14:30:27

Updated: 2024-08-04T15:26:09.377Z

Reserved: 2020-09-01T00:00:00

Link: CVE-2020-25068

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-09-03T15:15:11.753

Modified: 2024-11-21T05:17:11.760

Link: CVE-2020-25068

cve-icon Redhat

No data.