First published: Mon Jun 17 2019(Updated: )
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sahipro Sahi Pro | <=8.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-20470 is a directory traversal vulnerability in Tyto Sahi Pro through version 8.0.0.
CVE-2018-20470 allows an outside attacker to view contents of sensitive files in the web reports module of Tyto Sahi Pro.
CVE-2018-20470 has a severity rating of 7.5 (high).
Tyto Sahi Pro up to version 8.0.0 is affected by CVE-2018-20470.
To fix CVE-2018-20470, update Tyto Sahi Pro to a version higher than 8.0.0.