icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Mutiny < 5.0-1.11 Multiple Directory Traversals

High

Synopsis

The remote server contains a network monitoring application that is affected by multiple directory traversal vulnerabilities

Description

Versions of Mutiny prior to 5.0-1.11 are reportedly affected by multiple directory traversal vulnerabilities that could allow an authenticated attacker to upload, delete, and move files on the remote system with root priveleges. The functions for UPLOAD, DELETE, CUT, and COPY used in the 'Documents' section of the web fronted of Mutiny are affected

Solution

Upgrade to version 5.0-1.11 or later