Directory traversal vulnerability in H2O prior to 1.4.5 and 1.5.x prior to 1.5.0-beta2, when the file.dir directive is enabled, allows remote malicious users to read arbitrary files via a crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dena h20 |