At4R

**Name of the Vulnerable Software and Affected Versions** Fastream NETFile FTP/Web Server versions 6.7.2.1085 and earlier **Description** A directory traversal issue allows remote attackers to create or delete arbitrary files by using .. (dot dot) and // (double slash) sequences in the `filename` parameter. **Recommendations** For versions 6.7.2.1085 and earlier, update to a version later than 6.7.2.1085 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Pi3Web version 2.0.1 Description: A buffer overflow issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters. Recommendations: For Pi3Web version 2.0.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.