External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system.
History

Thu, 16 Jan 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-08-03T18:08:13.924Z

Updated: 2025-01-16T21:31:03.063Z

Reserved: 2023-02-22T16:00:49.434Z

Link: CVE-2023-0956

cve-icon Vulnrichment

Updated: 2024-08-02T05:32:46.264Z

cve-icon NVD

Status : Modified

Published: 2023-08-03T19:15:10.323

Modified: 2024-11-21T07:38:10.727

Link: CVE-2023-0956

cve-icon Redhat

No data.