patch-1
Noam Rathaus 2021-10-14 16:30:14 +03:00
parent 6eaff09b16
commit 09de143099
1 changed files with 1 additions and 1 deletions

View File

@ -5,7 +5,7 @@ info:
severity: high severity: high
description: The BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. description: The BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.
reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5679.php reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5679.php
tags: ecoa,lfi tags: ecoa,lfi,cve-2021-41293
requests: requests:
- raw: - raw: