CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-3512

Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.4%

CVSS Severity

CVSS v3 Score 7.5

References

https://https://www.incibe.es/en/incibe-cert/notices/aviso/relative-path-traversal-setelsa-security-conacwin
https://github.com/advisories/GHSA-v6jm-v768-76h2
https://https://www.incibe.es/en/incibe-cert/notices/aviso/relative-path-traversal-setelsa-security-conacwin

Products affected by CVE-2023-3512

Setelsa-Security » Conacwin » Version: N/A

cpe:2.3:a:setelsa-security:conacwin:-
Setelsa-Security » Conacwin » Version: 3.7.1.2

cpe:2.3:a:setelsa-security:conacwin:3.7.1.2
Setelsa-Security » Conacwin » Version: 3.8.2.2

cpe:2.3:a:setelsa-security:conacwin:3.8.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3512

Products

Pricing

Contact Us