CVE-2019-14914

2019-09-2013:39:25

mitre

www.cve.org

AI Score

9.2

Confidence

High

EPSS

0.004

Percentile

72.6%

JSON

An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal.

References

www.adas-sso.com/es/extra/download.php

security-garage.com/index.php/cves/from-open-redirect-to-rce-in-adas