Описание
Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command.
Ссылки
- Exploit
- ExploitVendor Advisory
- Exploit
- Exploit
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microworld_technologies:escan:9.0.742.98:*:corporate:*:*:*:*:*
cpe:2.3:a:microworld_technologies:escan_management_console:9.0.742.1:*:*:*:*:*:*:*
cpe:2.3:a:microworld_technologies:escan_server:9.0.742.1:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05278
Низкий
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command.
EPSS
Процентиль: 90%
0.05278
Низкий
5 Medium
CVSS2
Дефекты
CWE-22