NuytsTech Security

CVE-2017-15937

by ·

Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page’s graph requisition. This also implies that general OS information is leaked (e.g., a /var/www pathname typically means Linux or UNIX).

Date published : 2017-10-27

https://medium.com/stolabs/security-issue-on-pandora-fms-enterprise-be630059a72d

Tags: