This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote host is affected by a directory traversal vulnerability.
The remote host is an Emerson Network Power Avocent MergePoint Unity
KVM Switch with a firmware version prior to 1.14 or 1.18. It is,
therefore, affected by a directory traversal vulnerability due to a
failure to sanitize user-supplied input to the 'filename' parameter of
the 'download.php' script. An authenticated attacker can potentially
exploit this vulnerability to gain access to arbitrary files.
See also :
Upgrade to firmware version 1.14 / 1.18, or later.
Risk factor :
Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : true