CVE-2009-4645

Name of the Vulnerable Software and Affected Versions Accellion Secure File Transfer Appliance versions prior to 8 0 105

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the lang parameter.

Recommendations For versions prior to 8 0 105, update to version 8 0 105 or later to resolve the issue. As a temporary workaround, consider restricting access to the web client user guide.html file to minimize the risk of exploitation. Avoid using the lang parameter in the affected endpoint until the issue is resolved.