CVE-2022-38129

critical

Description

A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host.

References

https://www.tenable.com/security/research/tra-2022-28

Details

Source: MITRE

Published: 2022-08-10

Updated: 2022-08-15

Type: CWE-22