CVE-2022-23854 – AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal

https://notcve.org/view.php?id=CVE-2022-23854

09 Sep 2022 — AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server. AVEVA InTouch Access Anywhere versiones 2020 R2 y anteriores son vulnerables a una explotación de path traversal que podría permitir a un usuario no autenticado con acceso a la red leer archivos en el sistema fuera del servidor web de puerta de enlace segura. InTouch Access Anywhe... • https://packetstorm.news/files/id/168328 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •