Arbitrary file deletion

2022-09-1322:15:00

PRIOn knowledge base

www.prio-n.com

file deletion

vulnerability

penta security systems

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

JSON

An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request.

CPENameOperatorVersion
wappleseq6.0.r3.4.10-v
wappleseqv6.0.r3.4.10 hotfix1
wapplesge4.0.0
wappleslt6.0.

Name	Operator	Version
wapples	eq	6.0.r3.4.10-v
wapples	eq	v6.0.r3.4.10 hotfix1
wapples	ge	4.0.0
wapples	lt	6.0.

References

medium.com/%40_sadshade/wapples-web-application-firewall-multiple-vulnerabilities-35bdee52c8fb

www.pentasecurity.com/product/wapples/