Vulnerabilities (CVE)

Filtered by vendor Aquaforest Subscribe
Filtered by product Tiff Server
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6352 1 Aquaforest 1 Tiff Server 2024-11-21 N/A 5.3 MEDIUM
The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. Depending on how a web application uses and configures TIFF Server, a remote attacker may be able to enumerate files or directories, traverse directories, bypass authentication, or access restricted files.
CVE-2020-9325 1 Aquaforest 1 Tiff Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
Aquaforest TIFF Server 4.0 allows Unauthenticated Arbitrary File Download.
CVE-2020-9324 1 Aquaforest 1 Tiff Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC.
CVE-2020-9323 1 Aquaforest 1 Tiff Server 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Aquaforest TIFF Server 4.0 allows Unauthenticated File and Directory Enumeration via tiffserver/tssp.aspx.