Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qbik wingate 4.0.1 |
||
qbik wingate 4.1_beta_a |
||
qbik wingate 2.1 |
||
qbik wingate 3.0 |