Vulnerability Details CVE-2021-3341
A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2021-3341
-
cpe:2.3:a:dh2i:dxenterprise:19.5
-
cpe:2.3:a:dh2i:dxenterprise:20.0
-
cpe:2.3:a:dh2i:dxenterprise:20.0.218
-
cpe:2.3:a:dh2i:dxodyssey:19.5
-
cpe:2.3:a:dh2i:dxodyssey:20.0
-
cpe:2.3:a:dh2i:dxodyssey:20.0.219