PT-2006-2188 · Microsoft+1 · Windows+1

Published

2006-03-12

Updated

2018-10-18

CVE-2006-1161

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy File Sharing (EFS) Web Server version 3.2

Description The issue allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder due to an absolute path traversal vulnerability.

Recommendations For Easy File Sharing (EFS) Web Server version 3.2, consider restricting file upload capabilities to prevent malicious file uploads until a patch is available. As a temporary workaround, restrict access to the Windows startup folder to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1161

Affected Products

Easy File Sharing Web Server

Windows

PT-2006-2188 · Microsoft+1 · Windows+1

CVE-2006-1161

Related Identifiers

Affected Products

References · 7