Main
Vulnerability Database
Exploits
ID:1201 - Exploit for Path traversal in Miele Professional products - CVE-2017-7240
ID:1201 - Exploit for Path traversal in Miele Professional products - CVE-2017-7240
Published: March 18, 2020
Vulnerability identifier: #VU6614
Vulnerability risk: Low
CVE-ID: CVE-2017-7240
CWE-ID: CWE-22
Exploitation vector: Remote access
Vulnerable software:
PG8536
PG8535
PG8528
PG8527
PG8536
PG8535
PG8528
PG8527
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the affected device.
The weakness exists due to path traversal. A remote attacker can use special elements in the pathname to resolve to a location outside of a restricted directory and view arbitrary files on the system.
Successful exploitation of the vulnerability results in information disclosure.
The weakness exists due to path traversal. A remote attacker can use special elements in the pathname to resolve to a location outside of a restricted directory and view arbitrary files on the system.
Successful exploitation of the vulnerability results in information disclosure.
Remediation
Update PG8527 to version 2.12, 2.52, 2.62, 2.64.
Update PG8528 to version 2.12, 2.61, 2.62, 2.64.
Update PG8535 to version 1.10, 1.14.
Update PG8536 to version 1.20, 1.24.
Update PG8528 to version 2.12, 2.61, 2.62, 2.64.
Update PG8535 to version 1.10, 1.14.
Update PG8536 to version 1.20, 1.24.