Path Traversal Vulnerability in Carlo Gavazzi Powersoft 2.1.1.1: Unrestricted File Download

Path Traversal Vulnerability in Carlo Gavazzi Powersoft 2.1.1.1: Unrestricted File Download

CVE-2017-20184 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any file from the affected device.

Learn more about our Web Application Penetration Testing UK.