CVE-2020-7535
CVE-2020-7535
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 1.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
11 dez 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.