A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause unauthorized write access outside of expected path folder when opening the project file.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2020-06-16T19:11:55

Updated: 2024-08-04T09:33:19.527Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7495

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-06-16T20:15:14.457

Modified: 2024-11-21T05:37:15.467

Link: CVE-2020-7495

cve-icon Redhat

No data.