Directory traversal

2023-02-2816:15:00

PRIOn knowledge base

www.prio-n.com

docmosis tornado

vulnerability

disclosure

directory traversal

nvd

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.0%

Docmosis Tornado <= 2.9.4 is vulnerable to Directory Traversal leading to the disclosure of arbitrary content on the file system.

CPENameOperatorVersion
tornadolt2.9.5

CPE	Name	Operator	Version
	tornado	lt	2.9.5

References

frycos.github.io/vulns4free/2023/01/24/0days-united-nations.html

resources.docmosis.com/content/documentation/tornado-v2-9-5-release-notes