CVE-2019-25355

Name of the Vulnerable Software and Affected Versions gSOAP version 2.8

Description gSOAP 2.8 contains a directory traversal flaw. Unauthenticated attackers can exploit this to access system files by manipulating HTTP path traversal techniques. Specifically, attackers can retrieve sensitive files, such as /etc/passwd, by sending specially crafted GET requests containing multiple '../' directory traversal sequences. The vulnerability allows access to files through manipulated paths.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.