Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.
[
{
"vendor": "Sumitomo Electric Information Systems Co., Ltd.",
"product": "RakRak Document Plus",
"versions": [
{
"version": "Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a)",
"status": "affected"
}
]
}
]