Directory traversal vulnerability in the CGIServlet for Jetty HTTP server prior to 4.1.0 allows remote malicious users to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jetty jetty http server |