CVE-2024-5433

The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated...

CVE-2024-5433 Path Traversal in Campbell Scientific CSI Web Server and RTMC

The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated...

Campbell Scientific CSI Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Campbell Scientific Equipment : CSI Web Server Vulnerabilities : Path Traversal, Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

Campbell Scientific CSI Web Server 安全漏洞

Campbell Scientific CSI Web Server is a web server from Campbell Scientific. A security vulnerability exists in Campbell Scientific CSI Web Server version 1.6 and prior versions, which originates when the password for a file is stored in a weakly encoded format, which allows an attacker to decode...