Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked.
References
Link | Resource |
---|---|
https://fenics.fujitsu.com/networkservice/m2m/download/update-m.html | Permissions Required |
https://jvn.jp/en/jp/JVN25583987/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
10 Sep 2024, 13:45
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Fujitsu
Fujitsu network Edgiot Gw1500 Fujitsu network Edgiot Gw1500 Firmware |
|
Summary |
|
|
CWE | CWE-22 | |
References | () https://fenics.fujitsu.com/networkservice/m2m/download/update-m.html - Permissions Required | |
References | () https://jvn.jp/en/jp/JVN25583987/ - Third Party Advisory | |
CPE | cpe:2.3:o:fujitsu:network_edgiot_gw1500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:fujitsu:network_edgiot_gw1500:-:*:*:*:*:*:*:* |
17 Jul 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-17 09:15
Updated : 2024-10-29 20:35
NVD link : CVE-2024-40617
Mitre link : CVE-2024-40617
CVE.ORG link : CVE-2024-40617
JSON object : View
Products Affected
fujitsu
- network_edgiot_gw1500
- network_edgiot_gw1500_firmware
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')