Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:38231
HistoryNov 24, 2022 - 9:50 a.m.

Information Disclosure

2022-11-2409:50:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
freerdp
vulnerability
information disclosure
missing path canonicalization
base path check
drive channel
attacker gain access
read files.

EPSS

0.001

Percentile

45.3%

freerdp is vulnerable to information disclosure. The vulnerability exists due to missing path canonicalization and base path check for drive channel which allows an attacker to gain access and read files outside the shared directory.