CVE-2018-16479

Name of the Vulnerable Software and Affected Versions http-live-simulator versions prior to 1.0.7

Description The issue allows unauthorized access to arbitrary files on disk due to a path traversal vulnerability. This is caused by insufficient input sanitization, enabling attackers to access server files by using relative paths. For example, using curl with the --path-as-is option to access sensitive files like /../../../../etc/passwd.

Recommendations Upgrade to version 1.0.7 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.