PT-2018-6059 · Hostr · Hostr
Jacksongl
·
Published
2018-06-04
·
Updated
2019-10-09
·
CVE-2017-16029
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
hostr versions 2.3.5 and earlier
Description:
There is a directory traversal issue that allows an attacker to read files outside the current directory by sending
../ in the URL path for GET requests. This enables attackers to access files they should not be able to access.Recommendations:
For hostr versions 2.3.5 and earlier, upgrade to version 2.3.6 or later.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hostr