QwikSec

Security Database

CVE

CWE

Training

CVE-2020-11420

Published: Apr 27, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may access arbitrary files and directories stored in the file system, but integrity of the files are not jeopardized as attacker have read access rights only.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://library.e.abb.com/public/ee46f3ff5823400f991ebd9bd43a297e/2CMT2020-005913%20Security%20Advisory%20CS141.pdf

x_refsource_CONFIRM

https://www.generex.de/index.php?option=com_content&task=view&id=185&Itemid=249

x_refsource_MISC

https://www.generex.de/support/changelogs/cs141/page:2

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.