WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote malicious users to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qbik wingate 5.0.5 |
||
qbik wingate 5.2.3 |
||
qbik wingate 6.0_beta_2 |