SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for malicious users to escape outside of the restricted location to access files or directories.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap cloud connector 2.0 |