Paessler · Ipcheck Server Monitor · CVE-2006-4140
**Name of the Vulnerable Software and Affected Versions**
IPCheck Server Monitor versions prior to 5.3.3.639/640
**Description**
The issue allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL. This can be achieved by using various encoded sequences such as "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "" backslash).
**Recommendations**
For versions prior to 5.3.3.639/640, update to version 5.3.3.639/640 or later to resolve the issue.