Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A directory traversal vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to download arbitrary .dwg files from a remote server by specifying an absolute or relative path when invoking the affected DownloadDwg endpoint. An attack uses the path field to CaddemServiceJS/CaddemService.svc/rest/DownloadDwg.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IdeaRe SpA IdeaRE RefTree 路径遍历漏洞
Vulnerability Description
IdeaRe SpA IdeaRE RefTree是意大利亚IdeaRe SpA公司的一个用于管理复杂房地产情况的 Web 应用程序。 IdeaRe SpA IdeaRE RefTree 2021.09.17 之前版本存在路径遍历漏洞。目前暂无该漏洞信息,请随时关注CNNVD或厂商公告。
CVSS Information
N/A
Vulnerability Type
N/A