Name of the Vulnerable Software and Affected Versions Nmap versions (affected versions not specified)

Description A security flaw was discovered in the http-fetch script of Nmap, which is a directory traversal vulnerability. This issue allows a malicious web server to potentially save files outside the intended destination directory if a user manually runs the NSE script against it. However, existing files cannot be overwritten. The issue was addressed by fixing the http-fetch script, auditing other scripts for similar mistakes, and updating the httpspider library API to provide default protection against this vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.