6 matches found
Siemens SCALANCE LPE9403 Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-27397)
Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files in the filesystem, if and only if the malicious path ends with 'log' . This...
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...
CVE-2025-27397
creationtimestamp| type| source ---|---|--- 2025-03-11 13:26:36+00:00| seen| https://t.me/cvedetector/20062 2025-03-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-06...
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...