CVE-2016-9339

MEDIUM

INTERSCHALT Maritime Systems VDR G4e <5.220 - Path Traversal

Title source: llm

Description

An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94776

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-16-343-04

Scores

CVSS v3 5.3

EPSS 0.0107

EPSS Percentile 77.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-22

Status published

Affected Products (2)

macgregor/interschalt_vdr_g4e_firmware < 5.220

n/a/INTERSCHALT VDR G4e 5.220 and prior < INTERSCHALT VDR G4e 5.220 and prior

Timeline

Published Feb 13, 2017

Tracked Since Feb 18, 2026