← back
CVE-2021-35380

CVE-2021-35380

EPSS 39.0%
A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download (http://url:port/file?valore).
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/50638unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/50638https://www.swascan.com/it/security-blog/https://www.swascan.com/solari-di-udine/