Lucene search

MitreCVELIST:CVE-2021-45427

HistoryDec 30, 2021 - 11:10 a.m.

CVE-2021-45427

2021-12-3011:10:01

mitre

www.cve.org

emerson xweb 300d

evo 3.0.7--3ee403

unauthenticated

arbitrary file deletion

path traversal

access control

directory traversal

AI Score

9.9

Confidence

High

EPSS

0.004

Percentile

72.1%

JSON

Emerson XWEB 300D EVO 3.0.7–3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal.

References

drive.google.com/file/d/1IN7p9OKRgdszMVC1TKuZQDa4ySCPmQzO/view?usp=sharing

drive.google.com/file/d/1iusYdheb62dom0DnvAzEiNR-e4EXSf2k/view?usp=sharing

drive.google.com/file/d/1RegGlCrtyQwW9DUirAbPDiIHKBWgsBea/view?usp=sharing