Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php.
2020-02-17T04:15:11.420
2024-11-21T05:39:51.770
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:L/Au:N/C:P/I:P/A:N
10.0
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | microchip | syncserver_s100_firmware | 2.90.70.3 | Yes |
| Hardware | microchip | syncserver_s100 | - | No |
| Operating System | microchip | syncserver_s200_firmware | 1.30 | Yes |
| Hardware | microchip | syncserver_s200 | - | No |
| Operating System | microchip | syncserver_s250_firmware | 1.25 | Yes |
| Hardware | microchip | syncserver_s250 | - | No |
| Operating System | microchip | syncserver_s300_firmware | 2.65.0 | Yes |
| Hardware | microchip | syncserver_s300 | - | No |
| Operating System | microchip | syncserver_s350_firmware | 2.80.1 | Yes |
| Hardware | microchip | syncserver_s350 | - | No |