CVE-2023-4152

Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a path traversal vulnerability of the web interface by a crafted URL without authentication. This enables an remote attacker to read all files on the filesystem of the FDS101 device.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
frauscherfrauscher_diagnostic_system_101
𝑥
≤ 1.4.24
frauscherfrauscher_diagnostic_system_101
𝑥
≤ 1.4.24
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
frauscherfrauscher_diagnostic_system_101
𝑥
≤ 1.4.24
ADP
frauscherfrauscher_diagnostic_system_101
𝑥
≤ 1.4.24
ADP
Common Weakness Enumeration
References
https://cert.vde.com/en/advisories/VDE-2023-038/
https://cert.vde.com/en/advisories/VDE-2023-038/