CVE-2013-3574

2013-06-14T13:07:00
ID CVE-2013-3574
Type cve
Reporter cve@mitre.org
Modified 2013-06-14T14:59:00

Description

Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.