Versions of http-live-simulator
prior to 1.0.7 are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths. For example: curl --path-as-is http://localhost:8080//../../../../etc/passwd
.
Upgrade to version 1.0.7
CPE | Name | Operator | Version |
---|---|---|---|
http-live-simulator | lt | 1.0.7 |