CVE-2018-20470: Path Traversal
First published: Mon Jun 17 2019(Updated: )
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sahipro Sahi Pro | <=8.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-20470?
CVE-2018-20470 is a directory traversal vulnerability in Tyto Sahi Pro through version 8.0.0.
How does CVE-2018-20470 impact Tyto Sahi Pro?
CVE-2018-20470 allows an outside attacker to view contents of sensitive files in the web reports module of Tyto Sahi Pro.
What is the severity of CVE-2018-20470?
CVE-2018-20470 has a severity rating of 7.5 (high).
Which version of Tyto Sahi Pro is affected by CVE-2018-20470?
Tyto Sahi Pro up to version 8.0.0 is affected by CVE-2018-20470.
How can I fix CVE-2018-20470?
To fix CVE-2018-20470, update Tyto Sahi Pro to a version higher than 8.0.0.
- collector/nvd-index
- agent/weakness
- vendor/sahipro
- canonical/sahipro sahi pro
- version/sahipro sahi pro/8.0.0