HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Hsweb |
Heat-on_software |
2.0 |
2.0 |
References