A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges to upload arbitrary files. By uploading a specially crafted tar file an attacker can execute arbitrary commands.
CPE | Name | Operator | Version |
---|---|---|---|
datamodule_compactplus | eq | 10.0.97 | |
datamodule_compactplus | eq | 11.0.97 | |
spacecom | eq | <= l81 |