Vulnerability Details CVE-2019-7751
A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.125
EPSS Ranking 93.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-7751
-
cpe:2.3:a:ricoh:fusionpro_vdp:-
-
cpe:2.3:a:ricoh:fusionpro_vdp:4.0
-
cpe:2.3:a:ricoh:fusionpro_vdp:4.1
-
cpe:2.3:a:ricoh:fusionpro_vdp:4.2
-
cpe:2.3:a:ricoh:fusionpro_vdp:5.0
-
cpe:2.3:a:ricoh:fusionpro_vdp:5.1
-
cpe:2.3:a:ricoh:fusionpro_vdp:5.8
-
cpe:2.3:a:ricoh:fusionpro_vdp:6.0
-
cpe:2.3:a:ricoh:fusionpro_vdp:6.1
-
cpe:2.3:a:ricoh:fusionpro_vdp:6.2
-
cpe:2.3:a:ricoh:fusionpro_vdp:7.0
-
cpe:2.3:a:ricoh:fusionpro_vdp:7.1
-
cpe:2.3:a:ricoh:fusionpro_vdp:7.2
-
cpe:2.3:a:ricoh:fusionpro_vdp:8.0
-
cpe:2.3:a:ricoh:fusionpro_vdp:8.1
-
cpe:2.3:a:ricoh:fusionpro_vdp:8.2
-
cpe:2.3:a:ricoh:fusionpro_vdp:9.0
-
cpe:2.3:a:ricoh:fusionpro_vdp:9.1
-
cpe:2.3:a:ricoh:fusionpro_vdp:9.2
-
cpe:2.3:a:ricoh:fusionpro_vdp:9.3