2 matches found
CVE-2022-29511
A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-29511
Cisco Talos and Lansweeper detail a directory traversal vulnerability in Lansweeper 10.1.1.0, triggered via KnowledgebasePageActions.aspx ImportArticles. The flaw arises from unsanitized file_path handling in CSV imports, allowing reading arbitrary server files. Exploitation is demonstrated in Ta...