Arbitrary File Access Vulnerability in NHIServiSignAdapter
CVE-2020-25842 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
The encryption function of NHIServiSignAdapter fail to verify the file path input by users. Remote attacker can access arbitrary files through the flaw without privilege.
Learn more about our User Device Pen Test.