RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ronds | equipment_predictive_maintenance | 1.19.5 |
RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ronds | equipment_predictive_maintenance | 1.19.5 |