Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/17 12:0 a.m.6 views

Siemens SCALANCE LPE9403 Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-27397)

Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files in the filesystem, if and only if the malicious path ends with 'log' . This...

5.1CVSS5.6AI score0.00375EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/14 9:9 a.m.9 views

CVE-2025-27397

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...

5.1CVSS6.7AI score0.00375EPSS
Exploits0References1
Circl
Circl
added 2025/03/11 1:26 p.m.5 views

CVE-2025-27397

creationtimestamp| type| source ---|---|--- 2025-03-11 13:26:36+00:00| seen| https://t.me/cvedetector/20062 2025-03-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-06...

5.1CVSS4.8AI score0.00375EPSS
Exploits0References2
NVD
NVD
added 2025/03/11 10:15 a.m.9 views

CVE-2025-27397

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...

5.1CVSS0.00375EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 9:48 a.m.5 views

CVE-2025-27397

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...

5.1CVSS4.3AI score0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/11 9:48 a.m.13 views

CVE-2025-27397

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...

5.1CVSS0.00375EPSS
Exploits0References1
Rows per page
Query Builder