Savant Web Server 3.1 and previous versions allows remote malicious users to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
savant savant webserver |