Vulnerability Description
STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers to access arbitrary files by manipulating the files parameter in the archive download functionality. Attackers can send GET requests to /archive/download with directory traversal sequences to read sensitive system files like /etc/passwd.
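A detection sketch for the request pattern described above, added here as an example and not taken from the advisory or the vendor: it scans web access logs for GET requests to /archive/download whose files parameter resolves outside its starting directory, including nested percent-encoding. The log format, sample lines and function names are assumptions made for illustration.

```python
import posixpath
import re
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/archive/download"   # path named in the vulnerability description
PARAM = "files"                  # parameter named in the vulnerability description
REQUEST_RE = re.compile(r'"(?:GET|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding (e.g. %252e%252e) up to max_rounds."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if the value is absolute or climbs above its starting directory."""
    path = fully_decode(value).replace("\\", "/")
    if path.startswith("/"):
        return True
    normalised = posixpath.normpath(path)
    return normalised == ".." or normalised.startswith("../")

def suspicious_requests(log_lines):
    """Return request targets hitting ENDPOINT with a traversing PARAM value."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        url = urlsplit(m.group(1)) if m else None
        if url is None or url.path.rstrip("/") != ENDPOINT:
            continue
        values = parse_qs(url.query, keep_blank_values=True).get(PARAM, [])
        if any(is_traversal(v) for v in values):
            hits.append(m.group(1))
    return hits

# Constructed sample log lines (assumed combined-log style, not from a real system).
SAMPLE_LOG = [
    '198.51.100.7 - operator [12/Jan/2021:10:01:02 +0000] "GET /archive/download?files=2021-01-11/cam1.mp4 HTTP/1.1" 200 48211',
    '198.51.100.7 - operator [12/Jan/2021:10:01:09 +0000] "GET /archive/download?files=../../../../etc/passwd HTTP/1.1" 200 1843',
    '198.51.100.7 - operator [12/Jan/2021:10:01:15 +0000] "GET /archive/download?files=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1843',
    '198.51.100.7 - operator [12/Jan/2021:10:01:20 +0000] "GET /archive/list?files=../x HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    print("\n".join(suspicious_requests(SAMPLE_LOG)))
```

Because the flaw requires authentication, a hit from a logged-in account is worth correlating with that account's other activity and with the response size returned.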
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Stvs | Provision | 5.5 |
Related Weaknesses (CWE)
References
- http://www.stvs.ch (Not Applicable)
- https://www.exploit-db.com/exploits/49481 (Exploit, Technical Description)
- https://www.vulncheck.com/advisories/stvs-provision-authenticated-file-disclosur (Third Party Advisory)
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5623.php (Third Party Advisory)
FAQ
What is CVE-2021-47724?
CVE-2021-47724 is a vulnerability with a CVSS score of 6.5 (MEDIUM). STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers to access arbitrary files by manipulating the files parameter in the archive download functionality. A...
How severe is CVE-2021-47724?
CVE-2021-47724 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47724?
Check the references section above for vendor advisories and patch information. Affected products include: Stvs Provision.