Arbitrary File Deletion Vulnerability in Yamcs API Storage Functionality
CVE-2023-45278 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request.
Learn more about our Api Penetration Testing.