BRS WebWeaver Web Server 1.01 allows remote malicious users to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.
brs webweaver 1.0.1