Main Vulnerability Database Exploits ID:3777 - Exploit for Path traversal in Nitro Pro - CVE-2017-7442

ID:3777 - Exploit for Path traversal in Nitro Pro - CVE-2017-7442

Published: August 9, 2020

Vulnerability identifier: #VU38606

Vulnerability risk: High

CVE-ID: CVE-2017-7442

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
Nitro Pro

Link to public exploit:

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.

Install update from vendor's website.