Path traversal

2023-05-3100:15:00

PRIOn knowledge base

www.prio-n.com

fox-it datadiode

path traversal

arbitrary writing

remote attack

code execution

vulnerability

user interaction

AI Score

9.5

Confidence

High

EPSS

0.009

Percentile

82.5%

JSON

Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not require user interaction.