Family: CGI abuses --> Category: attack
CherryPy staticFilter Directory Traversal Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for staticFilter directory traversal vulnerability in CherryPy
Detailed Explanation for this Vulnerability Test
The remote web server is prone to directory traversal attacks.
The remote host is running CherryPy, a web server powered by Python.
The installed version of CherryPy fails to filter directory traversal
sequences from requests that pass through its 'staticFilter' module.
A possible hacker can exploit this issue to read arbitrary files on the
remote host subject to the rights under which the affected
See also :
Upgrade to CherryPy version 2.1.1 or later.
Low / CVSS Base Score : 2.3
Click HERE for more information and discussions on this network vulnerability scan.