[CVE-2019-20085] TVT NVMS-1000 Directory Traversal Vulnerability

SecurityDesk

• 2021.11.03 00:00 • 조회 11

CISA KEV 정보

취약점명	TVT NVMS-1000 Directory Traversal Vulnerability
설명	TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.
조치사항	Apply updates per vendor instructions.
랜섬웨어 캠페인 악용	Unknown
CWE	CWE-22
등록일 (KEV)	2021-11-03
조치 기한	2022-05-03
추가 참고	https://nvd.nist.gov/vuln/detail/CVE-2019-20085

NVD 상세 정보

CVSS v3.1: 7.5 HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

설명: TVT NVMS-1000 devices allow GET /.. Directory Traversal

CWE: CWE-22 | CWE-22

참조

http://packetstormsecurity.com/files/157196/TVT-NVMS-1000-Directory-Traversal.html [Exploit, Third Party Advisory, VDB Entry]
https://www.exploit-db.com/exploits/47774 [Exploit, Third Party Advisory, VDB Entry]
http://packetstormsecurity.com/files/157196/TVT-NVMS-1000-Directory-Traversal.html [Exploit, Third Party Advisory, VDB Entry]
https://www.exploit-db.com/exploits/47774 [Exploit, Third Party Advisory, VDB Entry]
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-20085 [US Government Resource]

This product uses the NVD API but is not endorsed or certified by the NVD.

← 목록으로 돌아가기

IT 도구 서랍

→ Unix: 2025-01-15T09:30:00
→ 날짜: 1736934600

→ ASCII: ABC
→ 문자: 65 66 67

ASCII 코드표 — 클릭하면 입력란에 추가

제어 문자 (0–31)

Dec	Hex	약어	설명

출력 가능 문자 (32–126)

Dec	Hex	문자

확장 ASCII (128–255)

Dec	Hex	문자

→ 유니코드: 홍길동
→ 문자: \ud64d\uae38\ub3d9