CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
25.8%
An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /…/…/…/ Directory Traversal input to the URL’s GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system.
Vendor | Product | Version | CPE |
---|---|---|---|
buddho | etcd_browser | - | cpe:2.3:a:buddho:etcd_browser:-:*:*:*:*:*:*:* |