Lucene search
PRIOn knowledge basePRION:CVE-2017-11658HistoryJul 26, 2017 - 3:29 p.m.
Design/Logic Flaw
2017-07-2615:29:00
PRIOn knowledge base
www.prio-n.com
3
0.002 Low
EPSS
Percentile
52.0%
In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters (…) – however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00…/.%00…/ attack.
Related
cve
cve
CVE-2017-11658
2017-07-26 15:29:00
cvelist
cvelist
CVE-2017-11658
2017-07-26 15:00:00
wpvulndb
wpvulndb
WP Rocket <= 2.10.3 - Local File Inclusion (LFI)
2017-06-22 00:00:00
nvd
nvd
CVE-2017-11658
2017-07-26 15:29:00