An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.
2019-11-27T23:15:10.867
2024-11-21T04:32:55.600
Modified
CVSSv3.1: 10.0 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | hitachienergy | relion_670_firmware | < 1p1r26 | Yes |
| Operating System | hitachienergy | relion_670_firmware | < 1.2.3.17 | Yes |
| Operating System | hitachienergy | relion_670_firmware | < 2.0.0.10 | Yes |
| Operating System | hitachienergy | relion_670_firmware | < 2.1.0.1 | Yes |
| Hardware | hitachienergy | relion_670 | - | No |