Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-43979
HistoryJan 27, 2023 - 10:15 p.m.

Path traversal

2023-01-2722:15:00
PRIOn knowledge base
www.prio-n.com
2
path traversal
local file inclusion
pandora fms
absolute path
php file
remote code execution
vulnerability

9.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.0%

JSON

There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. A function is called to check that the parameter that the user has inserted does not contain malicious characteres, but this check is insufficient. An attacker could insert an absolute path to overcome the heck, thus being able to incluse any PHP file that resides on the disk. The exploitation of this vulnerability could lead to a remote code execution.

CPENameOperatorVersion
pandora_fmslt766

Related

cvelist 1
nvd 1
cve 1
cvelist
cvelist
CVE-2022-43979 Path Traversal leading to Local File Inclusion
2023-01-27 00:00:00
nvd
nvd
CVE-2022-43979
2023-01-27 22:15:08
cve
cve
CVE-2022-43979
2023-01-27 22:15:08

9.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.0%

JSON
Related for PRION:CVE-2022-43979
cvelist1nvd1cve1