CVE-2020-7521

CVE-2020-7521

Vendor N/A
Product SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier
Weakness CWE-22 · Path traversal
Published August 31, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories.

Key dates

02Disclosure timeline

August 31, 2020 CVE published
August 4, 2024 Record updated