This security bulletin contains one low risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the login function. A remote attacker on the local network can send a specially crafted HTTP request and read arbitrary files on the system.Mitigation
Install update from vendor's website.Vulnerable software versions
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?