← back
CVE-2024-22050

Iodine Static File Server Path Traversal Vulnerability

CVSS 7.5 HIGHEPSS 0.9%CWE-22
Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
iodine

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/advisories/GHSA-85rf-xh54-whp3https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949889https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3