CVE-2018-10201: Path Traversal
First published: Fri Apr 20 2018(Updated: )
An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible to read arbitrary files outside the root directory of the web server. This vulnerability could be exploited remotely by a crafted URL without credentials, with .../ or ...\ or ..../ or ....\ as a directory-traversal pattern to TCP port 8667.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NComputing vSpace Pro | =10 | |
| NComputing vSpace Pro | =11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/event
- agent/description
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ncomputing
- canonical/ncomputing vspace pro
- version/ncomputing vspace pro/10
- version/ncomputing vspace pro/11