A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote malicious user to upload arbitrary files to the SMS host.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
keysight sensor management server 2.4.0 |