CVE-2023-27409
published 2023-05-09CVE-2023-27409: A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the…
low3.3CVSS 3.1
AVLACLPRLUINSUCLINAN
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | scalance_lpe9403 | — | — |
| siemens | scalance_lpe9403_firmware | < 2.1 | 2.1 |