RedRays R&D

1 exploit Active since Oct 2022
CVE-2022-39802 NOMISEC HIGH WRITEUP
SAP Manufacturing Execution 15.1-15.3 - Path Traversal via File Path Request Parameter
SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure.
3 stars
CVSS 7.5