CVSS: 7.5EPSS: 22%CPEs: 2EXPL: 2CVE-2019-16758 – Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal
https://notcve.org/view.php?id=CVE-2019-16758
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system. En Lexmark Services Monitor versión 2.27.4.0.39 (ejecutándose en el puerto TCP 2070), un atacante remoto puede usar una técnica de salto de directorio usando /../../../ o ..%2F ..%2F ..%2F para obtener archivos locales en el sistema operativo host. Lexmark Services Monitor version 2.27.4.0.39 suffers from a directory traversal vulnerability. • https://www.exploit-db.com/exploits/47663 http://packetstormsecurity.com/files/155365/Lexmark-Services-Monitor-2.27.4.0.39-Directory-Traversal.html http://seclists.org/fulldisclosure/2019/Nov/17 http://support.lexmark.com/index?page=content&id=TE930&locale=en&userlocale=EN_US https://www.symantec.com/security-center/vulnerabilities/writeup/110943 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •