VULHUB ™

The Viking webserver is susceptible to directory traversal attacks using multiple dots in submitted URLs. If the request is made in specific formats, the server will send out files outside of the intended webroot, potentially compromising the privacy of user data and/or obtaining information which could be used to further compromise the host.

The Viking webserver is susceptible to directory traversal attacks using multiple dots in submitted URLs. If the request is made in specific formats, the server will send out files outside of the intended webroot, potentially compromising the privacy of user data and/or obtaining information which could be used to further compromise the host.