A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices prior to 2.6.2 allows remote authenticated malicious users to achieve denial of services and information disclosure via TCP/IP packets.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
idemia morphowave_compact_mdpi_firmware |
||
idemia morphowave_compact_mdpi-m_firmware |
||
idemia visionpass_mdpi_firmware |
||
idemia visionpass_mdpi-m_firmware |
||
idemia visionpass_md_firmware - |
||
idemia morphowave_compact_md_firmware - |
Vulmon