Security Advisory

CVE-2021-23241

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-07 20:19:32

Last updated 2024-08-03 19:05:55

Assigner mitre

State PUBLISHED

Description

MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.

← Browse all CVEs View on cve.org ↗