This results in the restore operation gaining access to files which the operator should not have access to. IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. Multiple Relative Path Traversal issues exist in different specific endpoints via the file parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.Īn issue was discovered in NOKIA 1350OMS R14.2. directory traversal to read arbitrary files, as exploited in the wild in June 2022.Īn issue was discovered in NOKIA 1350OMS R14.2. UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F. The NetBackup Primary server is vulnerable to a Path traversal attack through the DiscoveryService service. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code.Īn issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products.
0 Comments
Leave a Reply. |