Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via ../ or .. sequences in commands such as (1) dir or (2) put.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Yak | Digicraft_software | 2.0 (including) | 2.0 (including) |
Yak | Digicraft_software | 2.0.1 (including) | 2.0.1 (including) |
Yak | Digicraft_software | 2.0.2 (including) | 2.0.2 (including) |
Yak | Digicraft_software | 2.1.0 (including) | 2.1.0 (including) |
Yak | Digicraft_software | 2.1.1 (including) | 2.1.1 (including) |
Yak | Digicraft_software | 2.1.2 (including) | 2.1.2 (including) |