CVE-2017-9447

by Fred · 28/02/2018

In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory. A remote, unauthenticated attacker could exploit this weakness to read arbitrary files from the vulnerable system using path traversal sequences.

Date published : 2018-02-28

https://www.exploit-db.com/exploits/442321/

https://blog.runesec.com/2018/02/22/parallels-ras-path-traversal/

CVE-2017-9447

Related

Recent Posts

Categories

Latest CWE

CVE-2017-9447

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE