mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
825 B
825 B
CVE-2021-28485
Description
In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application.
POC
Reference
- https://www.ericsson.com/en/about-us/security/psirt
- https://www.gruppotim.it/it/footer/red-team.html
Github
No PoCs found on GitHub currently.