rConfig 3.9.5 could allow a remote authenticated malicious user to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences (%2f..%2f) in the path parameter to view arbitrary files on the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rconfig rconfig 3.9.5 |