CVE-2017-14030

An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user…

icscert·CWE-428·Published 2018-01-12

CVSS

—

EPSS

0.00

KEV

Exploits

cve.orgen

236 chars

An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path.

NVDen

236 chars

NVDes

286 chars

Se ha descubierto un problema en Moxa MXview v2.8 y anteriores. La vulnerabilidad de escalado de ruta de servicio sin entrecomillar podría permitir que un usuario autorizado con acceso de archivo escale privilegios insertando código arbitrario en la ruta del servicio sin entrecomillar.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H