PT-2022-9264 · Cassia Networks · Cassia Networks Access Controller
Amir Preminger
+1
·
Published
2022-10-14
·
Updated
2022-10-15
·
CVE-2021-22685
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cassia Networks Access Controller versions prior to 2.0.1
Description
An attacker may be able to use the minify route with a relative path to view any file on the system.
Recommendations
For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cassia Networks Access Controller