CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal.
References
Link | Resource |
---|---|
http://www.warmeng.com/2017/01/01/CDG-filedown/ | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-09-30 13:15
Updated : 2024-02-28 17:28
NVD link : CVE-2017-18636
Mitre link : CVE-2017-18636
CVE.ORG link : CVE-2017-18636
JSON object : View
Products Affected
esafenet
- cdg
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')