A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request.
References
Link | Resource |
---|---|
https://clients.dh2i.com/Support/Article.aspx?ID=2963454 | Mitigation Vendor Advisory |
https://clients.dh2i.com/Support/Article.aspx?ID=2963454 | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:21
Type | Values Removed | Values Added |
---|---|---|
References | () https://clients.dh2i.com/Support/Article.aspx?ID=2963454 - Mitigation, Vendor Advisory |
Information
Published : 2021-01-29 01:15
Updated : 2024-11-21 06:21
NVD link : CVE-2021-3341
Mitre link : CVE-2021-3341
CVE.ORG link : CVE-2021-3341
JSON object : View
Products Affected
dh2i
- dxodyssey
- dxenterprise
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')