Cdata: Security Vulnerabilities
CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF).
CVSS Score
7.5
EPSS Score
0.886
Published
2023-06-16
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. One can escape from a shell and acquire root privileges by leveraging the TFTP download configuration.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-11-24