Ipswitch WhatsUp Gold 'ExportViewer.asp' Directory Traversal Vulnerability

Ipswitch WhatsUp Gold is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

An attacker can exploit this vulnerability using directory-traversal strings to download or upload arbitrary files outside of the document root directory. This may aid further attacks.

Ipswitch WhatsUp Gold versions 15.0.1 through 14.2 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus