In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ericsson mobile_switching_center_server_bc_18a_firmware |