Path Traversal Vulnerability in EMCA Energy Logserver 6.1.2 Logo File Upload Feature

Path Traversal Vulnerability in EMCA Energy Logserver 6.1.2 Logo File Upload Feature

CVE-2019-14521 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter.

Learn more about our Cis Benchmark Audit For Server Software.