Summary
Acritum Femitter Server is prone to multiple remote vulnerabilities, including:
- An authentication-bypass vulnerability
- An arbitrary file-download vulnerability
- A directory-traversal vulnerability
- An arbitrary file-upload vulnerability
Exploiting these issues will allow an attacker to gain access to sensitive information, upload arbitrary files, download arbitrary files, and execute arbitrary code within the context of the affected server. Other attacks are also possible.
Acritum Femitter Server 1.03 is vulnerable; other versions may also be affected.
Updated on 2015-03-25
Severity
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- IBM WebSphere Application Server Hash Collisions DOS Vulnerability
- Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
- Apache HTTP Server mod_proxy_ajp Process Timeout DoS Vulnerability (Windows)
- CERN HTTPD access control bypass
- F*EX (Frams's Fast File EXchange) Multiple XSS Vulnerabilities