Name of the Vulnerable Software and Affected Versions:

QbiCRMGateway (affected versions not specified)

Description:

The QbiCRMGateway developed by Ai3 is susceptible to an arbitrary file reading issue. Unauthenticated remote attackers can exploit a relative path traversal to download arbitrary system files.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.