Описание
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request.
Ссылки
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.7_build381 (включая)
Одно из
cpe:2.3:a:robtex:viking_server:*:*:*:*:*:*:*:*
cpe:2.3:a:robtex:viking_server:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:robtex:viking_server:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:robtex:viking_server:1.0.7:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00455
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request.
EPSS
Процентиль: 63%
0.00455
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other