VULHUB ™

WinGate is reported susceptible to an information disclosure vulnerability in its HTTP proxy server. An internal web server contained in WinGate improperly allows attackers access to read arbitrary files outside of its document root. WinGate by default runs as the localsystem user, therefore this vulnerability allows remote attackers to read system files. An attacker can exploit this issue to read arbitrary files contained on the WinGate computer. These files may contain sensitive information that may aid in further attacks.

WinGate is reported susceptible to an information disclosure vulnerability in its HTTP proxy server. An internal web server contained in WinGate improperly allows attackers access to read arbitrary files outside of its document root. WinGate by default runs as the localsystem user, therefore this vulnerability allows remote attackers to read system files. An attacker can exploit this issue to read arbitrary files contained on the WinGate computer. These files may contain sensitive information that may aid in further attacks.