Описание
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
Ссылки
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bitdefender:update_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07791
Низкий
7.8 High
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
EPSS
Процентиль: 92%
0.07791
Низкий
7.8 High
CVSS2
Дефекты
CWE-22