Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

CherryPy < 2.1.1 staticfilter Directory Traversal Arbitrary File Access



The remote host is vulnerable to a Directory Traversal flaw.


The remote host is running CherryPy, a web-based content management system written in python. This version of CherryPy is vulnerable to a directory traversal flaw. An attacker exploiting this flaw would send a malformed query to the application. Successful exploitation would result in the attacker being able to access confidential data outside of the web root directory.


Upgrade to version 2.1.1 or higher.