CVE-2022-29097 Information

Description

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.

Reference

https://www.dell.com/support/kbdoc/en-us/000200215/dsa-2022-143-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities