Path Traversal Vulnerability in Dell EMC iDRAC7/iDRAC8 Web Server

Path Traversal Vulnerability in Dell EMC iDRAC7/iDRAC8 Web Server

CVE-2018-1211 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings.

Learn more about our Web App Pen Testing.