← volver
CVE-2017-16038

CVE-2017-16038

EPSS 2.5%
`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run.
Productos afectados
HackerOne · f2e-server node module

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/shy2850/node-server/issues/10https://github.com/shy2850/node-server/pull/12/fileshttps://nodesecurity.io/advisories/346