CVE-2009-3561
NONE—CVSS v3
5.0CVSS v2
1.10%
EPSS (exploit probability)
CWE-22CWE
Description
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action.
Affected routers (1)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch? |
|---|---|---|---|---|---|
| Ubiquiti | Ubiquiti EdgeRouter 4 | — |
— | — | No |