Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) 4.6.3 allows remote attackers to download arbitrary files via a .. (dot dot) in the name parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SecurityReporter目录遍历漏洞
Vulnerability Description
SecurityReporter是Sidewinder安全设备的安全事件分析和报表解决方案。 SecurityReporter的file.cgi文件没有规格化用户输入及过滤句号和斜线/反斜线,可能导致目录遍历攻击: 165 #on windows 2003 IIS the cur dir is the root itself- dont know why so we try to open it in 166 #path relative to root if ../ from cgi-bin fails
CVSS Information
N/A
Vulnerability Type
N/A