CVE-2018-9074
N/A
N/A
Summary
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file upload functionality of the Content Explorer application is vulnerable to path traversal. As a result, users can upload files anywhere on the device's operating system as the root user.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Lenovo Group LTD | Iomega StorCenter | 4.1.402.34662 <= 4.1.402.34662 | affected |
| Lenovo Group LTD | LenovoEMC | 4.1.402.34662 <= 4.1.402.34662 | affected |
| Lenovo Group LTD | EZ Media and Backup Center | 4.1.402.34662 <= 4.1.402.34662 | affected |
Weaknesses
- Path traversal
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.