MidnightBSD

Advisories for ritp_project

CVE-2017-16198 MEDIUM

ritp is a static web server. ritp is vulnerable to a directory traversal issue whereby an attacker can gain access to the file system by placing ../ in the URL. Access is restricted to files with a file extension, so files such as /etc/passwd are not accessible.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
ritp_project ritp 1.0.5
ritp_project ritp 1.0.3
ritp_project ritp 1.0.2
ritp_project ritp 1.0.4