Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Aquaforest TIFF Server default configuration allows access to arbitrary files
Vulnerability Description
The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. Depending on how a web application uses and configures TIFF Server, a remote attacker may be able to enumerate files or directories, traverse directories, bypass authentication, or access restricted files.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Aquaforest TIFF Server 安全漏洞
Vulnerability Description
Aquaforest TIFF Server是英国Aquaforest公司的一款TIFF(标签图像文件格式)服务器。 Aquaforest TIFF Server存在安全漏洞,该漏洞源于默认配置允许访问任意文件路径。
CVSS Information
N/A
Vulnerability Type
N/A