Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 devices allows attackers to read arbitrary files through a sequence of the form '.x./' or '....\x/' where x is a pattern composed of one or more (zero or more for the second pattern) of either \ or ..\ -- for example a '.\./', '....\/' or '...\./' sequence. For files with no extension, a single dot needs to be appended to ensure the HTTP server does not alter the request, e.g., a "GET /.\./.\./.\./.\./.\./.\./.\./windows/system32/drivers/etc/hosts." request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yawcam HTTP服务器路径遍历漏洞
Vulnerability Description
Yawcam是一套基于Windows平台的视频编辑管理软件。HTTP server是其中的一个HTTP服务器。 Yawcam 0.2.6版本至0.6.0版本中的HTTP服务器存在目录遍历漏洞。远程攻击者可借助‘.x./’或‘....\x/’序列利用该漏洞读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A