Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/166610/FFS-Colibri-Controller-Module-1.8.19.8580-Directory-Traversal.html | Exploit Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/166671/Franklin-Fueling-Systems-Colibri-Controller-Module-1.8.19.8580-Local-File-Inclusion.html | Exploit Third Party Advisory VDB Entry |
https://drive.google.com/drive/folders/1Yu4aVDdrgvs-F9jP3R8Cw7qo_TC7VB-R | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2022-04-07 11:15
Updated : 2024-02-28 19:09
NVD link : CVE-2021-46417
Mitre link : CVE-2021-46417
CVE.ORG link : CVE-2021-46417
JSON object : View
Products Affected
franklinfueling
- colibri_firmware
- colibri
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')