vendor:
a:robtex:viking_server
by:
HIGH
breaking out of the webroot. This problem makes it possible for remote user to gain access to sensitive system files
CVSS
and potentially local access."
Improper Path Handling
SecurityFocus
CWE
Product Name: a:robtex:viking_server
Affected Version From: Ensure that the Viking Server is not running on the system, or upgrade to the latest version of the Viking Server.
Affected Version To: Yes
Patch Exists: 22
Related CWE: 2001
CPE: N/A
Other Scripts:
https://www.exploit-db.com/raw/20793
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Robtex
7.5
Viking Server Improper Path Handling Vulnerability
Due to the improper handling of relative paths by the HTTP serving portion of the Viking Server, a user requesting a relative path such as "..." can gain access to the root directory
Mitigation:
N/A
