CVE-2021-33576
N/A
N/A
Summary
An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/atredispartners/advisories/blob/master/ATREDIS-2020-0011.md
- https://www.cleo.com/cleo-lexicom
References
- https://github.com/atredispartners/advisories/blob/master/ATREDIS-2020-0011.md
- https://www.cleo.com/cleo-lexicom
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.