cve/2017/CVE-2017-6020.md

### [CVE-2017-6020](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6020)
![](https://img.shields.io/static/v1?label=Product&message=LAquis%20SCADA%20software&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20traversal%20CWE-22&color=brighgreen)

### Description

Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.

### POC

#### Reference
- https://www.exploit-db.com/exploits/42885/

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2017-6020](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6020)`
			`![](https://img.shields.io/static/v1?label=Product&message=LAquis%20SCADA%20software&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20traversal%20CWE-22&color=brighgreen)`

			`### Description`

			`Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.`

			`### POC`

			`#### Reference`
			`- https://www.exploit-db.com/exploits/42885/`

			`#### Github`
			`No PoCs found on GitHub currently.`