CVE-2023-6032

Summary

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause a file system enumeration and file download when an attacker navigates to the Network Management Card via HTTPS.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricGalaxy VSv6.82affected
Schneider ElectricGalaxy VLv12.21affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CVE Program Container

Additional References

References