An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. A user with valid credentials is able to read XML files on the filesystem via the web interface. The PHP page /common/vam_editXml.php doesn’t check the parameter that identifies the file name to be read. Thus, an attacker can manipulate the file name to access a potentially sensitive file within the filesystem.
CPE | Name | Operator | Version |
---|---|---|---|
visual_access_manager | ge | 4.15.0 | |
visual_access_manager | le | 4.29.0 |