Path Traversal Vulnerability in WMS 3.7 Device API Allows Unauthorized File Access

Path Traversal Vulnerability in WMS 3.7 Device API Allows Unauthorized File Access

CVE-2022-34365 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.

Learn more about our Web App Pen Testing.