CVE-2018-14942

2018-08-05T18:29:00
ID CVE-2018-14942
Type cve
Reporter cve@mitre.org
Modified 2018-10-05T12:40:00

Description

Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by "POST /PY/EMULATION_GET_FILE" or "POST /PY/EMULATION_EXPORT" with FileName=../../../passwd in the POST data.