Security Advisory

CVE-2020-35362

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-26 05:19:10

Last updated 2024-08-04 17:02:07

Assigner mitre

State PUBLISHED

Description

DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal in handler/dext5handler.jsp. This could allow remote files to be downloaded via a dext5CMD=downloadRequest action with traversal in the fileVirtualPath parameter (the attacker must provide the correct fileOrgName value).

← Browse all CVEs View on cve.org ↗