What the vulnerability does

01Description

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request.

Key dates

02Disclosure timeline

September 14, 2021 CVE published
August 4, 2024 Record updated