Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wsmp3_daemon | Wsmp3 | 0.0.8 (including) | 0.0.8 (including) |
Wsmp3_daemon | Wsmp3 | 0.0.9 (including) | 0.0.9 (including) |
Wsmp3_daemon | Wsmp3 | 0.0.10 (including) | 0.0.10 (including) |
Wsmp3_web_server | Wsmp3 | 0.0.1 (including) | 0.0.1 (including) |
Wsmp3_web_server | Wsmp3 | 0.0.2 (including) | 0.0.2 (including) |
Wsmp3_web_server | Wsmp3 | 0.0.3 (including) | 0.0.3 (including) |
Wsmp3_web_server | Wsmp3 | 0.0.4 (including) | 0.0.4 (including) |
Wsmp3_web_server | Wsmp3 | 0.0.5 (including) | 0.0.5 (including) |
Wsmp3_web_server | Wsmp3 | 0.0.6 (including) | 0.0.6 (including) |
Wsmp3_web_server | Wsmp3 | 0.0.7 (including) | 0.0.7 (including) |