Description
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
Affected products
- brs / webweaver0.49_beta – 0.49_beta
- brs / webweaver0.50_beta – 0.50_beta
- brs / webweaver0.51_beta – 0.51_beta
- brs / webweaver0.52_beta – 0.52_beta
- brs / webweaver0.60_beta – 0.60_beta
- brs / webweaver0.61_beta – 0.61_beta
- brs / webweaver0.62_beta – 0.62_beta