Lucene search
China National Vulnerability DatabaseCNVD-2022-82268HistoryApr 02, 2022 - 12:00 a.m.
IdeaRe SpA IdeaRE RefTree path traversal vulnerability
2022-04-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
ideare spa reftree
web application
italy
path traversal vulnerability
cad drawing files
authentication
file path filtering
EPSS
0.002
Percentile
57.9%
IdeaRe SpA IdeaRE RefTree is a web application for managing complex real estate situations from IdeaRe SpA, Italy. path traversal vulnerability exists in versions of IdeaRe SpA IdeaRE RefTree prior to 2021.09.17. The vulnerability stems from the failure of a web system or product to properly filter special elements in a resource or file path. An authenticated attacker could use this vulnerability to upload and download CAD drawing files of buildings.
Related
nvd
nvd
CVE-2022-27248
2022-04-03 23:15:08
packetstorm
packetstorm
IdeaRE RefTree Path Traversal
2022-03-31 00:00:00
prion
prion
Directory traversal
2022-04-03 23:15:00
cvelist
cvelist
CVE-2022-27248
2022-04-03 22:14:44
cve
cve
CVE-2022-27248
2022-04-03 23:15:08
zdt
zdt
IdeaRE RefTree Path Traversal Vulnerability
2022-03-31 00:00:00