Vulnerabilities > CVE-2023-33871 - Unspecified vulnerability in Iagona Scrutisweb 2.1.37

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

iagona

NVD

Published: 2023-07-18

Updated: 2023-11-07

Summary

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability that could allow an unauthenticated user to directly access any file outside the webroot.

Vulnerable Configurations

Part	Description	Count
Application	Iagona Iagona Scrutisweb 2.1.37	1

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-03