CVE-2001-0303

Name of the Vulnerable Software and Affected Versions Pi3Web version 1.0.1

Description The issue allows remote attackers to determine the physical path of the server by requesting a non-existent file via a specific URL. This is due to a flaw in the tstisapi.dll component of the Pi3Web web server.

Recommendations For Pi3Web version 1.0.1, consider restricting access to the tstisapi.dll component until a patch is available. As a temporary workaround, avoid using URLs that request non-existent files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.