CVE-2016-8827

Name of the Vulnerable Software and Affected Versions NVIDIA GeForce Experience versions 3.x before 3.1.0.52

Description The issue concerns a lack of proper access control and parameter validation in the NVIDIA Web Helper.exe, specifically affecting the local web API endpoint "/VisualOPS/v.1.0./". This allows for information disclosure via a directory traversal attack.

Recommendations For versions prior to 3.1.0.52, update to version 3.1.0.52 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/VisualOPS/v.1.0./" API endpoint until a patch is applied.