A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.

Bedrock Blog


Blog from Bedrock. Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.

Highlights

  • A comprehensive blog for cybersecurity.
Listed: