2 matches found
CVE-2020-23161
Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...
CVE-2020-23161
CVE-2020-23161 describes a local file inclusion in Pyrescom Termod4 time management devices prior to 10.04k. The issue allows an authenticated remote attacker to traverse the device’s filesystem and read sensitive files by tampering with the file-path parameter in the Maintenance > Logs URL. T...