Directory traversal

2022-11-1408:15:00

PRIOn knowledge base

www.prio-n.com

directory traversal

ironman software

powershell universal

remote attacker

administrator privilege

crafted http request

endpoint

patched versions

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafted HTTP request to particular endpoints in the web server. Patched Versions are 3.5.3 and 3.4.7.

CPENameOperatorVersion
powershell_universalge3.5.0
powershell_universallt3.5.3
powershell_universalge3.0.0
powershell_universallt3.4.7

Name	Operator	Version
powershell_universal	ge	3.5.0
powershell_universal	lt	3.5.3
powershell_universal	ge	3.0.0
powershell_universal	lt	3.4.7

References

blog.ironmansoftware.com/psu-2022-11-cve/

docs.powershelluniversal.com/changelog

ironmansoftware.com