Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote malicious users to delete arbitrary files via a .. (dot dot) in the filename parameter in a SetTaskLogByFile SOAP request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
landesk lenovo thinkmanagement console 9.0.3 |