FHEM 6.0 fhem/FileLog_logWrapper file information disclosure

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, has been found in FHEM 6.0. Affected by this issue is an unknown function of the file fhem/FileLog_logWrapper. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field01/20/2021 08:43 AM02/15/2021 05:01 PM02/15/2021 05:04 PM
nameFHEMFHEMFHEM
version6.06.06.0
filefhem/FileLog_logWrapperfhem/FileLog_logWrapperfhem/FileLog_logWrapper
argumentfilefilefile
cwe200 (information disclosure)200 (information disclosure)200 (information disclosure)
risk111
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
urlhttps://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerabilityhttps://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerabilityhttps://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability
cveCVE-2020-19360CVE-2020-19360CVE-2020-19360
date1611097200 (01/20/2021)1611097200 (01/20/2021)1611097200 (01/20/2021)
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss2_vuldb_avAAA
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
cvss2_vuldb_basescore2.32.32.3
cvss2_vuldb_tempscore2.32.32.3
cvss3_vuldb_basescore3.53.53.5
cvss3_vuldb_tempscore3.53.53.5
cvss3_meta_basescore3.53.55.5
cvss3_meta_tempscore3.53.55.5
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned15972696001597269600
cve_nvd_summaryLocal file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure.Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iN
cvss3_nvd_aN
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiN
cvss2_nvd_aiN
cvss2_nvd_basescore5.0
cvss3_nvd_basescore7.5

Want to stay up to date on a daily basis?

Enable the mail alert feature now!