An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: _internal/pc/abort.php, _internal/pc/restart.php, _internal/pc/vpro.php, _internal/pc/wake.php, _internal/error_u201409.txt, _internal/runcmd.php, _internal/getConfiguration.php, ews/autoload.php, ews/del.php, ews/mod.php, ews/sync.php, utils/backup/backup_server.php, utils/backup/restore_server.php, MyScreens/timeline.config, kreator.html5/test.php, and addedlogs.txt.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-23T15:40:29
Updated: 2024-08-04T16:55:10.437Z
Reserved: 2020-12-04T00:00:00
Link: CVE-2020-29551
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-23T16:15:12.577
Modified: 2024-11-21T05:24:11.117
Link: CVE-2020-29551
Redhat
No data.