NUL-Terminated Directory Traversal Vulnerability in dnaLIMS 4-2015s13
CVE-2017-6527 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).
Learn more about our Web App Pen Testing.