Lucene search
MitreCVELIST:CVE-2017-11658HistoryJul 26, 2017 - 3:00 p.m.
CVE-2017-11658
2017-07-2615:00:00
mitre
www.cve.org
0.002 Low
EPSS
Percentile
52.0%
In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters (…) – however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00…/.%00…/ attack.
Related
cve
cve
CVE-2017-11658
2017-07-26 15:29:00
nvd
nvd
CVE-2017-11658
2017-07-26 15:29:00
prion
prion
Design/Logic Flaw
2017-07-26 15:29:00
wpvulndb
wpvulndb
WP Rocket <= 2.10.3 - Local File Inclusion (LFI)
2017-06-22 00:00:00