2 matches found
CVE-2023-37607
Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 legoT04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter...
CVE-2023-37607
CVE-2023-37607 is a directory traversal vulnerability in Automatic Systems SOC FL9600 FastLine V06 (lego_T04E00). The issue arises in csvServer.php when the dir parameter contains a .. sequence, permitting remote access to sensitive files (example: getList=1 with dir traversal to /etc and file pa...