Описание
A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as problematic. Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. VDB-240866 is the identifier assigned to this vulnerability.
Ссылки
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
3.5 Low
CVSS3
5.7 Medium
CVSS3
2.7 Low
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as problematic. Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. VDB-240866 is the identifier assigned to this vulnerability.
Уязвимость функции handleFileRequest (src/main/java/com/feihong/ldap/HTTPServer.java) инструмента для эксплуатации уязвимостей в Java Naming and Directory Interface (JNDI) JNDIExploit, связанная с недостатками ограничения имени пути к каталогу, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
3.5 Low
CVSS3
5.7 Medium
CVSS3
2.7 Low
CVSS2