Security Advisory

CVE-2022-44016

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-25 00:00:00

Last updated 2025-04-15 13:24:40

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can download arbitrary files from the web server by abusing an API call: /DS/LM_API/api/ConfigurationService/GetImages with an "ImagesPath":"C:" value.

← Browse all CVEs View on cve.org ↗