A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution.
References
Link | Resource |
---|---|
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html | Vendor Advisory |
Configurations
History
19 Sep 2024, 01:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:rockwellautomation:pavilion8:*:*:*:*:*:*:*:* | |
First Time |
Rockwellautomation pavilion8
Rockwellautomation |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | () https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html - Vendor Advisory | |
Summary |
|
12 Sep 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-12 21:15
Updated : 2024-09-19 01:52
NVD link : CVE-2024-7961
Mitre link : CVE-2024-7961
CVE.ORG link : CVE-2024-7961
JSON object : View
Products Affected
rockwellautomation
- pavilion8
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')