1. Home
  2. Knowledge base
  3. Gespage Server
  4. Security
  5. Security Advisory: Gespage directory traversal

Security Advisory: Gespage directory traversal

Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            PDF

            Description:


            Directory Traversal is a vulnerability which allows attackers to access restricted directories and read files outside of the web server's root directory. 

            By exploiting directory traversal vulnerabilities, attackers step out of the root directory and access files in other directories. As a result, attackers might view restricted files or execute commands, leading to a full compromise of the Web server. 

            Affected Items:


            /gespage/doDownloadData 

            /gespage/webapp/doDownloadData 

            Products and versions affected:


            Gespage v8.2.1 and earlier.

            Workaround:


            Users who still use an older version of the product are strongly invited to upgrade to the latest version available.

            References:


            ON-X | issue found by Olivier Thibault :

            https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdf


            Mitre, CVE-2021-33807

            https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33807


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0