MasterSAM Star Gate 11 Directory Traversal Vulnerability in Download Service
Vulnerability
A directory traversal vulnerability has been identified in MasterSAM Star Gate 11, specifically within the downloadService endpoint. This issue allows attackers to manipulate the file parameter to access arbitrary files on the server, potentially leading to the exposure of sensitive information. The vulnerability arises because the application fails to validate file paths properly, and it can be exploited without authentication.
Impact
Exploitation of this vulnerability could result in unauthorized access to sensitive files on the server.
Reproduction
To reproduce this vulnerability, send a GET request to the /adama/adama/downloadService endpoint. Include a crafted file parameter that traverses directories to access restricted files. This can be done without authentication.
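Detection logic for the request described above, added here as an example and not taken from the vendor or from this advisory: it scans web access logs for downloadService requests whose file parameter normalizes to a path with a parent-directory segment or an absolute path. The endpoint and parameter name come from this page; the access-log format, the sample lines, and the assumption that legitimate file values are plain relative names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/adama/adama/downloadService"  # endpoint named in the advisory
PARAM = "file"                             # parameter named in the advisory
# Assumption: common/combined access-log format with the request line in quotes.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

SAMPLE_LOG = [  # constructed sample lines, not real traffic
    '198.51.100.7 - - [01/Jan/2025:10:00:00 +0000] "GET /adama/adama/downloadService?file=report.pdf HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2025:10:00:05 +0000] "GET /adama/adama/downloadService?file=../../conf/example.txt HTTP/1.1" 200 812',
    '198.51.100.7 - - [01/Jan/2025:10:00:09 +0000] "GET /adama/adama/downloadService?file=%252e%252e%255cconf%255cexample.txt HTTP/1.1" 200 812',
    '198.51.100.7 - - [01/Jan/2025:10:00:12 +0000] "GET /other/page?file=../x HTTP/1.1" 404 0',
]

def normalize(value, max_rounds=3):
    """Percent-decode repeatedly (handles nested encoding) and unify separators."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def is_traversal(value):
    """True if the normalized value has a '..' segment or is an absolute path."""
    path = normalize(value)
    if path.startswith("/") or re.match(r"^[A-Za-z]:", path):
        return True
    return ".." in path.split("/")

def suspicious_requests(log_lines):
    """Return (line_number, file value as decoded once) for flagged requests."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if url.path != ENDPOINT:
            continue
        # parse_qs percent-decodes each value once; normalize() handles the rest.
        for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            if is_traversal(value):
                hits.append((n, value))
    return hits

if __name__ == "__main__":
    print(suspicious_requests(SAMPLE_LOG))
```

Because the endpoint is reachable without authentication, hits should be reviewed regardless of whether the source address maps to a known user session.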
