Описание
Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "" backslash).
Ссылки
- ExploitVendor Advisory
- Exploit
- Exploit
- ExploitVendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ipcheck:server_monitor:4.3.1.368:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:4.3.1.382:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:4.4.1.521:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:4.4.1.522:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.0.1.272:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.0.1.299:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.0.1.309:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.0.1.321:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.1.0.341:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.1.0.342:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.1.0.345:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.2.0.404:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.2.0.405:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.2.0.418:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.2.0.420:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.2.2.449:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.2.2.451:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.0.506:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.0.507:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.0.508:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.0.509:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.574:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.575:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.578:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.579:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.580:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.581:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.586:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.1.587:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.2.605:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.2.606:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.2.609:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.2.610:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.2.616:*:*:*:*:*:*:*
cpe:2.3:a:ipcheck:server_monitor:5.3.2.617:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10883
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash).
EPSS
Процентиль: 93%
0.10883
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other