Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2) user/helppage.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vsecurity tandberg video communication server x4.1.0 |
||
vsecurity tandberg video communication server x4.2.0 |
||
vsecurity tandberg video communication server x1.1.0 |
||
vsecurity tandberg video communication server x1.2.0 |
||
vsecurity tandberg video communication server x4.2.1 |
||
vsecurity tandberg video communication server x1.0.0 |
||
vsecurity tandberg video communication server x3.0.0 |
||
vsecurity tandberg video communication server x3.1.0 |
||
vsecurity tandberg video communication server x2.0.0 |
||
vsecurity tandberg video communication server x2.1.0 |
||
vsecurity tandberg video communication server |