CVE-2024-40617

MEDIUM

FUJITSU Network Edgiot GW1500 - Path Traversal

Title source: llm

Description

Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked.

Exploits (1)

nomisec WORKING POC 6 stars

by KyssK00L · poc

https://github.com/KyssK00L/CVE-2024-40617

View Code ZIP pw:eip

References (2)

[Permissions Required] https://fenics.fujitsu.com/networkservice/m2m/download/update-m.html

[Third Party Advisory] https://jvn.jp/en/jp/JVN25583987/

Scores

CVSS v3 6.5

EPSS 0.1699

EPSS Percentile 95.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (1)

fujitsu/network_edgiot_gw1500_firmware < v02l19c01

Published Jul 17, 2024

Tracked Since Feb 18, 2026