CVE-2023-3512

Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter...

Setelsa Conacwin 3.7.1.2 - Local File Inclusion

Exploit Title: Setelsa Conacwin 3.7.1.2 - Local File Inclusion Date: 02/09/20 Exploit Author: Bryan Rodriguez Martin AKA tr3mb0 Vendor Homepage: http://setelsa-security.es/productos/control-de-acceso/ Version: 3.7.1.2 Tested on: Windows FIX: The recommendation from the vendor is to update to the...

CVE-2020-25068

Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/filetodisclose Directory Traversal URI. NOTE: The manufacturer indicated that the affect...

CVE-2020-25068

Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/filetodisclose Directory Traversal URI. NOTE: The manufacturer indicated that the affect...

CVE-2020-25068

CVE-2020-25068 affects Setelsa Conacwin v3.7.1.2 and is a local file inclusion (LFI) vulnerability allowing an unauthenticated attacker to read internal server files via a directory traversal URI (http://IP:PORT/../../path/file_to_disclose). Public Red Hat/NVD records confirm the issue with that ...

CVE-2020-25068

Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/filetodisclose Directory Traversal URI. NOTE: The manufacturer indicated that the affect...

Exploit for Path Traversal in Setelsa-Security Conacwin

CVE-2020-25068 Python exploit for Conacwin v3.7.1.2. Setelsa...