CVE-2021-34805
N/A
N/A
Summary
An issue was discovered in FAUST iServer before 9.0.019.019.7. For each URL request, it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://sec-consult.com/vulnerability-lab/
- http://www.land-software.de/lfs.fau?prj=iweb&dn=faust+iserver
- http://packetstormsecurity.com/files/165701/FAUST-iServer-9.0.018.018.4-Local-File-Inclusion.html
References
- https://sec-consult.com/vulnerability-lab/
- http://www.land-software.de/lfs.fau?prj=iweb&dn=faust+iserver
- http://packetstormsecurity.com/files/165701/FAUST-iServer-9.0.018.018.4-Local-File-Inclusion.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.