CVE-2021-32972

Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software.
References
Link Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-180-03 Third Party Advisory US Government Resource
Configurations

Configuration 1

cpe:2.3:a:panasonic:fpwin_pro:*:*:*:*:*:*:*:*

Information

Published : 2021-07-09 11:15

Updated : 2021-07-13 04:55


NVD link : CVE-2021-32972

Mitre link : CVE-2021-32972

Products Affected
No products.
CWE
CWE-611

Improper Restriction of XML External Entity Reference