X-Plane prior to 11.41 has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) via crafted network packets. This could be used to execute arbitrary commands on the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
x-plane x-plane |