Unrated severityNVD Advisory· Published Dec 30, 2021· Updated Aug 4, 2024

CVE-2021-45427

Description

Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal.

Affected products

Emerson/XWEB 300D EVOdescription
Emerson/XWEB 300D EVOllm-create
Range: = 3.0.7--3ee403

Patches

Members only

Discovered fix commits and diffs is available to signed-in members. Sign in or create a free account to read it.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drive.google.com/file/d/1IN7p9OKRgdszMVC1TKuZQDa4ySCPmQzO/viewmitrex_refsource_MISC
drive.google.com/file/d/1RegGlCrtyQwW9DUirAbPDiIHKBWgsBea/viewmitrex_refsource_MISC
drive.google.com/file/d/1iusYdheb62dom0DnvAzEiNR-e4EXSf2k/viewmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.015
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000