2 matches found
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2020-15644
Marvell QConvergeConsole 5.5.0.64 is affected by CVE-2020-15644. The flaw is in setAppFileBytes of the GWTTestServiceImpl class, where user-supplied paths are not properly validated before file operations, enabling a directory-traversal-style path to be exploited. This can allow remote attackers ...