CVE-2020-5609

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:yokogawa:b\/m9000cs_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:b\/m9000cs:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:yokogawa:b\/m9000vp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:b\/m9000vp:-:*:*:*:*:*:*:*

Information

Published : 2020-08-05 07:15

Updated : 2020-08-12 06:29


NVD link : CVE-2020-5609

Mitre link : CVE-2020-5609


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

yokogawa

  • centum_vp
  • centum_vp_firmware
  • centum_cs_3000
  • b\/m9000vp_firmware
  • b\/m9000cs
  • centum_cs_3000_firmware
  • b\/m9000cs_firmware
  • b\/m9000vp