vendor:
Offline Explorer
by:
5
CVSS
MEDIUM
Directory Traversal
22
CWE
Product Name: Offline Explorer
Affected Version From: All versions of MetaProducts Offline Explorer
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows
Directory Traversal Vulnerability in MetaProducts Offline Explorer
The Directory Traversal vulnerability in MetaProducts Offline Explorer allows remote attackers to view known files on the system by performing a GET request with a double dot "../.." directory traversal technique.
Mitigation:
It is recommended to update to the latest version of MetaProducts Offline Explorer to mitigate this vulnerability. Additionally, restricting network access to the application's port (800) can also help in preventing unauthorized access.
