CVE-2024-28806
HIGHItaltel i-MCS NFV 12.1.0-20211215 - Unauthenticated Path Traversal and Arbitrary File Write
Title source: llmDescription
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers can upload files at an arbitrary path.
References (1)
Core 1
Core References
Third Party Advisory
https://www.gruppotim.it/it/footer/red-team.html
Scores
CVSS v3
7.5
EPSS
0.0059
EPSS Percentile
43.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-36
Status
published
Products (1)
italtel/i-mcs_nfv
12.1.0-20211215
Published
Jul 29, 2024
Tracked Since
Feb 18, 2026