CVE-2020-7008

EPSS 1.9%CWE-23

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources.

Affected products

VISAM · VBASE Editor VISAM · VBASE Web-Remote Module

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.us-cert.gov/ics/advisories/icsa-20-084-01