Information from Ziosoft, Inc.
Vulnerability ID:JVN#00575116
Title:Ziostation2 vulnerable to path traversal
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
Path Traversal Vulnerability in Ziostation2
● Overview
A vulnerability has been identified in Ziostation2 that allows unintended file reading under certain conditions.
● Affected Products
Ziostation2 (Version 2.9.8.7 and earlier)
● Solutions
Users can address this vulnerability by applying one of the following measures:
- Update to the fixed version (Recommended)
Update to v2.9.8.8, in which the vulnerability has been resolved.
- Workaround
If updating immediately is not feasible, the impact of this vulnerability can be mitigated by disabling the specific feature involved.
For details on how to apply these measures, please contact sales distributor.
● References
JVN#00575116 Path Traversal Vulnerability in Ziostation2
● Acknowledgments
We would like to thank Yuta Miura of FiveDrive, Inc. for discovering and reporting this vulnerability.
