Описание
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via ".." (dot-dot backslash) sequences in a GET request.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:solarwinds:tftp_server:5.0.55_standard:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04518
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
EPSS
Процентиль: 89%
0.04518
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other