Vulnerability Details CVE-2018-16059
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.379
EPSS Ranking 97.0%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/107416
- https://cert.vde.com/en-us/advisories/vde-2019-002
- https://ics-cert.us-cert.gov/advisories/ICSA-19-073-03
- https://www.exploit-db.com/exploits/45342/
- http://www.securityfocus.com/bid/107416
- https://cert.vde.com/en-us/advisories/vde-2019-002
- https://ics-cert.us-cert.gov/advisories/ICSA-19-073-03
- https://www.exploit-db.com/exploits/45342/
Products affected by CVE-2018-16059
-
cpe:2.3:h:endress:wirelesshart_fieldgate_swg70:-
-
cpe:2.3:o:endress:wirelesshart_fieldgate_swg70_firmware:3.00.07