Unrated severityNVD Advisory· Published Feb 22, 2021· Updated Sep 17, 2024

Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4

CVE-2021-26725

Description

Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.

Affected products

Nozominetworks/Cmcv5
Range: 20.0.7.3 and prior versions
Nozominetworks/Guardianv5
Range: 20.0.7.3 and prior versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.nozominetworks.com/NN-2021:2-01mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000