CVE-2010-3460

Name of the Vulnerable Software and Affected Versions AXIGEN Mail Server version 7.4.1

Description A directory traversal issue exists in the HTTP interface, allowing remote attackers to read arbitrary files by including a %5C (encoded backslash) in the URL.

Recommendations For AXIGEN Mail Server version 7.4.1, consider restricting access to the HTTP interface until a fix is available. As a temporary workaround, avoid using the %5C character in URLs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.