
BlueDragon CFChart Servlet < 7.1.1.18527 Directory Traversal Vulnerability - Active Check CVE-2014-5370

Severity: Not available
CVSSv3 Score: Not available
Vulnerability description

BlueDragon CFChart Servlet is prone to a directory traversal vulnerability.

Risk description

The flaw exists because the /cfchart.cfchart script does not properly sanitize user input, specifically path traversal sequences (e.g. ../). With a specially crafted request, a remote attacker can gain access to or delete arbitrary files. Successful exploitation allows remote attackers to download arbitrary files from an affected server, and those files may also be deleted after retrieval.

Recommendation

Update to version 7.1.1.18527 or later.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Apr 21, 2015
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available