In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition.
CPE | Name | Operator | Version |
---|---|---|---|
geolocation_server | le | 2.4.2 |