Description
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation.
References (5)
Core 5
Core References
Third Party Advisory x_refsource_misc
https://labs.bishopfox.com/advisories
Vendor Advisory x_refsource_misc
https://www.ewon.biz/about-us/security
Vendor Advisory x_refsource_misc
https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher
Vendor Advisory x_refsource_misc
https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4
Exploit, Third Party Advisory x_refsource_misc
https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4
Scores
CVSS v3
6.1
EPSS
0.0065
EPSS Percentile
46.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
Details
CWE
CWE-276
Status
published
Products (1)
hms-networks/ecatcher
< 6.6.4
Published
Jul 09, 2021
Tracked Since
Feb 18, 2026