A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HKeysight Sensor Management Server
APPKeysight2.4.0
Powiązane podatności
The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB ...
Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resu...
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/auth...
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious...
In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file...