Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Honeywell International Experion PKS 路径遍历漏洞
Vulnerability Description
Honeywell International Experion PKS是美国霍尼韦尔国际(Honeywell International)公司的一套过程自动化控制系统。该系统提供过程控制、安全仪表系统、安防以及先进控制系统等。 Honeywell Experion PKS中存在目录遍历漏洞,该漏洞源于程序没有充分过滤用户提交的输入。远程攻击者可借助带有目录遍历序列‘..’的请求利用该漏洞检索应用程序上下文中的任意文件。以下版本受到影响:Honeywell Experion PKS R400.6之前R40
CVSS Information
N/A
Vulnerability Type
N/A