Path traversal

2023-11-0307:15:00

PRIOn knowledge base

www.prio-n.com

ncsist manageengine

mdm app

path traversal

vulnerability

unauthenticated access

system files

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.3%

JSON

NCSIST ManageEngine Mobile Device Manager(MDM) APP’s special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files.

CPENameOperatorVersion
mobile_device_managereq1.4

CPE	Name	Operator	Version
	mobile_device_manager	eq	1.4

References

www.twcert.org.tw/tw/cp-132-7507-55b28-1.html