6 matches found
CVE-2024-41938
A vulnerability has been identified in SINEC NMS All versions V3.0. The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is...
CVE-2025-32869
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportCertificate' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...
CVE-2024-41938
A vulnerability has been identified in SINEC NMS All versions V3.0. The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is...
PT-2024-29646 · Sinec Nms · Sinec Nms
Name of the Vulnerable Software and Affected Versions: SINEC NMS versions prior to V3.0 Description: A path traversal vulnerability has been identified in the importCertificate function of the SINEC NMS Control web application. This could allow an authenticated attacker to delete arbitrary...
CVE-2020-11705
An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...
CVE-2020-11705
An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...