Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation Connected Components Workbench Path Traversal
Vulnerability Description
The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file system. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the Connected Components Workbench software. User interaction is required for this exploit to be successful.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Rockwell Automation Connected Components Workbench 路径遍历漏洞
Vulnerability Description
Rockwell Automation Connected Components Workbench是美国罗克韦尔(Rockwell Automation )公司的一个应用软件。一个自动编程软件。 Rockwell Automation Connected Components Workbench 12.00.00版本及之前存在路径遍历漏洞。该漏洞源于程序处理某些文件类型的解析机制不提供文件路径的输入清理,攻击者可以利用该漏洞遍历文件系统。
CVSS Information
N/A
Vulnerability Type
N/A