CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal.
7.5CVSS
7.5AI Score
0.009EPSS
ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request.
7.5CVSS
7.5AI Score
0.043EPSS