CVE-2007-6453

Name of the Vulnerable Software and Affected Versions RaidenHTTPD version 2.0.19

Description The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ulang parameter when the WebAdmin function is enabled. This is due to a directory traversal vulnerability in the raidenhttpd-admin/workspace.php file.

Recommendations For RaidenHTTPD version 2.0.19, consider disabling the WebAdmin function until a patch is available. As a temporary workaround, restrict access to the ulang parameter in the affected API endpoint to minimize the risk of exploitation.