VYPR

CSI Web Server

by Campbell Scientific

CVEs (2)

  • CVE-2024-5434MedMay 28, 2024
    risk 0.45cvss epss 0.00

    The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within that file are stored in a weakly encoded format. There is no known way to remotely access the file unless it has been manually renamed. However, if…

  • CVE-2024-5433MedMay 28, 2024
    risk 0.34cvss epss 0.00

    The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous,…