← back
CVE-2012-5100

CVE-2012-5100

EPSS 7.9%
Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/36500unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2012-01/0028.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/72138http://www.securityfocus.com/bid/51286