An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible to read arbitrary files outside the root directory of the web server. This vulnerability could be exploited remotely by a crafted URL without credentials, with .../ or ...\ or ..../ or ....\ as a directory-traversal pattern to TCP port 8667.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-04-20T08:00:00
Updated: 2024-08-05T07:32:01.645Z
Reserved: 2018-04-18T00:00:00
Link: CVE-2018-10201
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-04-20T08:29:00.240
Modified: 2018-05-16T01:29:00.797
Link: CVE-2018-10201
Redhat
No data.