4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
49.4%
desknetβs NEO provided by NEOJAPAN Inc. contains a directory traversal (CWE-22) vulnerability where it fails to verify html parameter in zhtml.cgi.
An authenticated attacker may view arbitrary files on the server.
Update the Software
Update to the latest version according to the information provided by the developer.
Apply the Patch
Apply the patch according to the information provided by the developer.