CVE-2016-9339
Last modified
CVE-2016-9339 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal.. EPSS estimates a 1.71% chance of exploitation in the next 30 days.
Description
An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Macgregor | Interschalt Vdr G4e Firmware | <= 5.220 |
References
- http://www.securityfocus.com/bid/94776Third Party Advisory, VDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-343-04Third Party Advisory, US Government Resource
- http://www.securityfocus.com/bid/94776Third Party Advisory, VDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-343-04Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-9339?
How severe is CVE-2016-9339?
How do I fix CVE-2016-9339?
Are you affected by CVE-2016-9339?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST