CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
49.7%
Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.
Vendor | Product | Version | CPE |
---|---|---|---|
mitsubishielectric | fx5-enet\/ip_firmware | - | cpe:2.3:o:mitsubishielectric:fx5-enet\/ip_firmware:-:*:*:*:*:*:*:* |
mitsubishielectric | fx5-enet\/ip | - | cpe:2.3:h:mitsubishielectric:fx5-enet\/ip:-:*:*:*:*:*:*:* |
mitsubishielectric | sw1dnn-eipct-bd_firmware | - | cpe:2.3:o:mitsubishielectric:sw1dnn-eipct-bd_firmware:-:*:*:*:*:*:*:* |
mitsubishielectric | sw1dnn-eipct-bd | - | cpe:2.3:h:mitsubishielectric:sw1dnn-eipct-bd:-:*:*:*:*:*:*:* |
mitsubishielectric | rj71eip91_firmware | - | cpe:2.3:o:mitsubishielectric:rj71eip91_firmware:-:*:*:*:*:*:*:* |
mitsubishielectric | rj71eip91 | - | cpe:2.3:h:mitsubishielectric:rj71eip91:-:*:*:*:*:*:*:* |
mitsubishielectric | sw1dnn-eipctfx5-bd_firmware | - | cpe:2.3:o:mitsubishielectric:sw1dnn-eipctfx5-bd_firmware:-:*:*:*:*:*:*:* |
mitsubishielectric | sw1dnn-eipctfx5-bd | - | cpe:2.3:h:mitsubishielectric:sw1dnn-eipctfx5-bd:-:*:*:*:*:*:*:* |