VULHUB ™

nCUBE Server Manager has been reported prone to a directory traversal vulnerability. The issue presents itself likely due to a lack of sufficient sanitization performed on URI parameters. A remote attacker may exploit this condition by supplying directory traversal sequences as a value for the affected URI parameter passed to a Server Manager script. Ultimately this may allow the attacker to break out of the webserver root and view arbitrary directory listings and potentially arbitrary files on the vulnerable system.

nCUBE Server Manager has been reported prone to a directory traversal vulnerability. The issue presents itself likely due to a lack of sufficient sanitization performed on URI parameters. A remote attacker may exploit this condition by supplying directory traversal sequences as a value for the affected URI parameter passed to a Server Manager script. Ultimately this may allow the attacker to break out of the webserver root and view arbitrary directory listings and potentially arbitrary files on the vulnerable system.