The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets.
Metrics
Affected Vendors & Products
References
History
Thu, 26 Sep 2024 07:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 23 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sat, 21 Sep 2024 04:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets. | |
Title | MXview One Series vulnerable to Path Traversal | |
Weaknesses | CWE-24 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Moxa
Published: 2024-09-21T04:14:22.667Z
Updated: 2024-09-26T06:52:45.192Z
Reserved: 2024-07-16T09:32:41.142Z
Link: CVE-2024-6786
Vulnrichment
Updated: 2024-09-23T14:04:59.751Z
NVD
Status : Awaiting Analysis
Published: 2024-09-21T05:15:12.397
Modified: 2024-09-26T13:32:55.343
Link: CVE-2024-6786
Redhat
No data.