← voltar
CVE-2017-16038

CVE-2017-16038

EPSS 2.5%
`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run.
Produtos afetados
HackerOne · f2e-server node module

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/shy2850/node-server/issues/10https://github.com/shy2850/node-server/pull/12/fileshttps://nodesecurity.io/advisories/346