CVE-2019-8925

CVE-2019-8925

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via any file name, such as a schFilePath=C:boot.ini value.

Source: CVE-2019-8925

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다