Security Advisory

CVE-2020-24990

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-10-28 18:49:24

Last updated 2024-08-04 15:26:09

Assigner mitre

State PUBLISHED

Description

An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.

← Browse all CVEs View on cve.org ↗