A Python script (web.py) for a Dockerized webservice contains a directory traversal vulnerability, which can be leveraged by an authenticated attacker to view the contents of directories on the IoT Controller.
You May Also Like
Travel Management Firm CWT Pays $4.5 Million to Hackers
The US business travel management firm CWT just paid a $4.5 million…
- cybersecurityredflag_sdevzw
- August 11, 2020
WordPress Current Book 1.0.1 Cross Site Scripting
WordPress Current Book plugin version 1.0.1 suffers from a persistent cross site…
- cybersecurityredflag_sdevzw
- July 14, 2021
Brother BRPrint Auditor 3.0.7 Unquoted Service Path
Brother BRPrint Auditor version 3.0.7 suffers from an unquoted service path vulnerability.
- cybersecurityredflag_sdevzw
- June 15, 2021
Accela Civic Platform 21.1 Insecure Direct Object Reference
Accela Civic Platform version 21.1 suffers from an insecure direct object reference…
- cybersecurityredflag_sdevzw
- June 14, 2021