CVE-2016-6601

2017-01-23T16:59:02
ID CVE-2016-6601
Type cve
Reporter NVD
Modified 2018-10-09T16:00:46

Description

Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile.