An attacker can gain knowledge of a session temporary working folder where the getfile and putfile commands are used in MDT AutoSave versions prior to v6.02.06. An attacker can leverage this knowledge to provide a malicious command to the working directory where the read and write activity can be initiated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
auvesy-mdt autosave |
||
auvesy-mdt autosave for system platform |
||
auvesy-mdt autosave for system platform 5.00 |