Vulnerability Details CVE-2015-1429
Directory traversal vulnerability in Cybele Software Thinfinity Remote Desktop Workstation 3.0.0.3 32-bit and 64-bit allows remote attackers to download arbitrary files via a .. (dot dot) in an unspecified parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.cybelesoft.com/blog/index.php/cybele-software-inc-security-bulletin-2
- https://www.perspectiverisk.com/security-advisory-thinfinity-remote-desktop-workstation-directory-traversal/
- http://www.cybelesoft.com/blog/index.php/cybele-software-inc-security-bulletin-2
- https://www.perspectiverisk.com/security-advisory-thinfinity-remote-desktop-workstation-directory-traversal/
Products affected by CVE-2015-1429
-
cpe:2.3:a:cybelesoft:thinfinity_remote_desktop_workstation:3.0.0.3