Back to search
CVE-2021-33726
Published: Oct 12, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system allows to download arbitrary files under a user controlled path and does not correctly check if the relative path is still within the intended target directory.
| Vendor | Product | Versions |
|---|---|---|
Siemens | SINEC NMS | affected All versions < V1.0 SP2 Update 1 |
Weaknesses (CWE)
References
https://cert-portal.siemens.com/productcert/pdf/ssa-163251.pdf
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now