A CWE-22 Improper Limitation of a Pathname to a Restricted Directory (βPath Transversalβ) vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place content in any unprotected folder on the target system using a crafted .RCZ file.
CPE | Name | Operator | Version |
---|---|---|---|
scadapack_7x_remote_connect | le | 3.6.3.574 |