CVE-2024-7961

A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution.
Configurations

Configuration 1 (hide)

cpe:2.3:a:rockwellautomation:pavilion8:*:*:*:*:*:*:*:*

History

19 Sep 2024, 01:52

Type Values Removed Values Added
CPE cpe:2.3:a:rockwellautomation:pavilion8:*:*:*:*:*:*:*:*
First Time Rockwellautomation pavilion8
Rockwellautomation
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References () https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html - () https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html - Vendor Advisory
Summary
  • (es) Existe una vulnerabilidad de path traversal en el producto afectado de Rockwell Automation. Si se explota, el actor de la amenaza podría cargar archivos arbitrarios al servidor, lo que podría provocar la ejecución remota de código.

12 Sep 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-12 21:15

Updated : 2024-09-19 01:52


NVD link : CVE-2024-7961

Mitre link : CVE-2024-7961

CVE.ORG link : CVE-2024-7961


JSON object : View

Products Affected

rockwellautomation

  • pavilion8
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')