PT-2021-7831 · Unknown · C-Bus Toolkit

Rgod

Published

2021-04-13

Updated

2021-06-02

CVE-2021-22717

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions C-Bus Toolkit versions 1.15.7 and prior

Description A path traversal issue exists that could allow remote code execution when processing config files. This is due to improper limitation of a pathname to a restricted directory. The vulnerability may be exploited by a remote attacker to execute arbitrary code.

Recommendations For versions 1.15.7 and prior, update to a version that addresses this issue, as using an outdated version may expose the system to remote code execution risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

BDU:2023-03459

CVE-2021-22717

ZDI-21-447

Affected Products

C-Bus Toolkit

PT-2021-7831 · Unknown · C-Bus Toolkit

CVE-2021-22717

Weakness Enumeration

Related Identifiers

Affected Products

References · 6