An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: _internal/pc/abort.php, _internal/pc/restart.php, _internal/pc/vpro.php, _internal/pc/wake.php, _internal/error_u201409.txt, _internal/runcmd.php, _internal/getConfiguration.php, ews/autoload.php, ews/del.php, ews/mod.php, ews/sync.php, utils/backup/backup_server.php, utils/backup/restore_server.php, MyScreens/timeline.config, kreator.html5/test.php, and addedlogs.txt.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-23T15:40:29

Updated: 2024-08-04T16:55:10.437Z

Reserved: 2020-12-04T00:00:00

Link: CVE-2020-29551

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-23T16:15:12.577

Modified: 2024-11-21T05:24:11.117

Link: CVE-2020-29551

cve-icon Redhat

No data.