Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c") sequences.
Max CVSS
5.0
EPSS Score
0.80%
Published
2005-11-03
Updated
2016-10-18
1 vulnerabilities found