CVE-2002-2094

Name of the Vulnerable Software and Affected Versions: hellbent version 01

Description: The issue allows remote attackers to determine the full path of the web root directory. This is achieved by sending a GET request with a relative path that includes the root's parent. If the parent is incorrect, the system generates a 403 error message, but if the parent is correct, it responds normally.

Recommendations: For hellbent version 01, as a temporary workaround, consider restricting access to sensitive directories to minimize the risk of exploitation. Avoid using relative paths that could reveal the web root directory's location until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.