CVE-2020-9048 – victor Web Client - Arbitrary File Deletion Vulnerability

https://notcve.org/view.php?id=CVE-2020-9048

08 Oct 2020 — A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service attack. Una vulnerabilidad en versiones específicas de American Dynamics victor Web Client y Software House CCURE Web Client podría permitir a un atacante remoto no autenticado en la red eliminar archivos arbitrarios en el sistema o i... • https://us-cert.cisa.gov/ics/advisories/icsa-20-282-01 • CWE-285: Improper Authorization CWE-732: Incorrect Permission Assignment for Critical Resource •