CVE-2017-16029
N/A
N/A
Summary
hostr is a simple web server that serves up the contents of the current directory. There is a directory traversal vulnerability in hostr 2.3.5 and earlier that allows an attacker to read files outside the current directory by sending ../ in the url path for GET requests.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | hostr node module | <=2.3.5 | affected |
Weaknesses
- CWE-22: Path Traversal (CWE-22)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.