Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 up to and including 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alt-n webadmin 2.0.0 |
||
alt-n webadmin 2.0.1 |
||
alt-n webadmin 2.0.2 |