2 matches found
CVE-2019-18922
A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 1.00.047 allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product...
CVE-2019-18922
Allied Telesis AT-GS950/8 (firmware up to AT-S107 V.1.1.3) is affected by a Directory Traversal / Local File Inclusion via its web interface, enabling unauthenticated attackers to read arbitrary system files through a GET request. The vulnerability originates from insufficient path filtering, all...