The remote TFTP server is affected by a directory traversal vulnerability. Description : The remote host appears to be running Kiwi CatTools, a freeware application for device configuration management. The TFTP server included with the version of Kiwi CatTools installed on the remote host fails to sanitize filenames of diretory traversal sequences. An attacker can exploit this issue to get or put arbitrary files on the affected host subject to the privileges of the user id under which the server operates, LOCAL SYSTEM by default.
Upgrade to Kiwi CatTools version 3.2.9 or later.
CVSS Base Score: 10.0