Information disclosure

2021-01-2001:15:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.049 Low

EPSS

Percentile

92.8%

JSON

Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure.

CPENameOperatorVersion
fhemeq6.0

CPE	Name	Operator	Version
	fhem	eq	6.0

References

emreovunc.com/blog/en/FHEM-v6.0-LFI-Vulnerability-01.png

github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability