Vulnerability Description
An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Macgregor | Interschalt Vdr G4E Firmware | <= 5.220 |
| Macgregor | Interschalt Vdr G4E | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94776Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-343-04Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/94776Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-343-04Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2016-9339?
CVE-2016-9339 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special eleme...
How severe is CVE-2016-9339?
CVE-2016-9339 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-9339?
Check the references section above for vendor advisories and patch information. Affected products include: Macgregor Interschalt Vdr G4E Firmware, Macgregor Interschalt Vdr G4E.