The Netconf (TCP) service in OpenDaylight 1.0 allows remote malicious users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opendaylight opendaylight 1.0 |