Critical Infrastructure Sectors: Information Technology
The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplied path traversal charters (../) as part of a filename, the server will save the file where the attacker chooses. This could allow an malicious user to write any data to any file in the server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cambiumnetworks cnmaestro 2.4.2 |
||
cambiumnetworks cnmaestro 3.0.0 |
||
cambiumnetworks cnmaestro 3.0.3 |