Threat Encyclopedia

KeySight.N6854A.and.N6841A.RF.Sensor.Directory.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Directory Traversal Vulnerability in KeySight N6854A and N6841A RF.
This vulnerability is due to incomplete input sanitization in Java class UserFirmwareRequestHandler. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request. Successful exploitation could read arbitrary files on the target server under the security context of the SYSTEM.

affected-products-logoAffected Products

KeySight N6854A and N6841A RF 2.3.0 and prior

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

CVE References

CVE-2022-1661

Other References

ICSA-22-146-01

Telemetry logoTelemetry