Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote malicious users to read arbitrary files by prepending several / (slash) characters to the URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
acme labs acme server 1.7 |