CVE-2015-1429

Name of the Vulnerable Software and Affected Versions Cybele Software Thinfinity Remote Desktop Workstation version 3.0.0.3

Description A directory traversal issue allows remote attackers to download arbitrary files by utilizing a .. (dot dot) in an unspecified parameter. This could potentially lead to unauthorized access to sensitive information.

Recommendations For Cybele Software Thinfinity Remote Desktop Workstation version 3.0.0.3, consider restricting access to sensitive files and directories as a temporary workaround until a patch is available. Avoid using the vulnerable parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.