3 matches found
CVE-2017-9812
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 version 8.0.4.312 to read arbitrary files with kluser privileges...
CVE-2017-9812
CVE-2017-9812 affects Kaspersky Anti-Virus for Linux File Server. The web UI’s getReportStatus endpoint accepts a reportId that can be abused via directory traversal to read arbitrary files with the kluser privileges. Core Security and related advisories corroborate a path traversal vulnerability...
CVE-2017-9812
creationtimestamp| type| source ---|---|--- 2017-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42269...