CVE-2018-17785

In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file...

GHSA-4R64-WF76-C53P In blynk-server a Directory Traversal exists

In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file...

Blynk blynk-server path traversal vulnerability

Blynk is an application for controlling Arduino and Raspberry Pi. blynk-server is one of the server components. A directory traversal vulnerability exists in blynk-server in versions of Blynk prior to 0.39.7. An attacker can exploit this vulnerability with a URL with '... /' and the URL starts wi...

CVE-2018-17785

In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file...

CVE-2018-17785

In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file...

CVE-2018-17785

Affected software: blynk-server (Blynk) prior to 0.39.7. Vulnerability: Directory Traversal via a ../ in a URI that begins with /static or /static/js, demonstrated by reading /etc/passwd. Root cause: improper validation of path traversal in static assets; enables access to arbitrary files on the ...

CVE-2018-17785

In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file...