CVE-2008-1606

Name of the Vulnerable Software and Affected Versions Elastic Path versions 4.1 through 4.1.1

Description The issue allows remote attackers to exploit multiple directory traversal vulnerabilities. This can be achieved by (1) downloading arbitrary files via a .. (dot dot) in the file parameter to "manager/getImportFileRedirect.jsp", (2) uploading arbitrary files via a ".." (dot dot backslash) in the file parameter to "importData.jsp", and (3) listing directory contents via a .. (dot dot) in the dir parameter to "manager/fileManager.jsp".

Recommendations For Elastic Path versions 4.1 through 4.1.1, consider restricting access to the "manager/getImportFileRedirect.jsp", "importData.jsp", and "manager/fileManager.jsp" endpoints until a patch is available. As a temporary workaround, avoid using the file and dir parameters in the affected API endpoints. At the moment, there is no information about a newer version that contains a fix for this vulnerability.