2 matches found
CVE-2021-37200
CVE-2021-37200 affects Siemens SINEC NMS versions prior to 1.0 SP1. The vulnerability is a path traversal flaw (improper limitation of a pathname) that could allow an attacker with webserver access to download arbitrary files from the underlying filesystem via a specially crafted HTTP request. Ro...
Siemens SINEC NMS
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC NMS Vulnerabilities: Path Traversal, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to manipulate the...