CVE-2005-4622

Name of the Vulnerable Software and Affected Versions eFileGo version 3.01

Description A directory traversal issue allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files. This can be achieved by including a (triple dot) in the URL on port 608 or in the argument to upload.exe.

Recommendations For eFileGo version 3.01, consider restricting access to the upload.exe and limiting the ability to execute arbitrary code or upload files until a fix is available. As a temporary workaround, avoid using the (triple dot) in the URL on port 608 and in arguments to upload.exe to minimize the risk of exploitation.