mkdocs 1.2.2 built-in dev-server directory traversal CVE-2021-40978 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

mkdocs 1.2.2 built-in dev-server directory traversal CVE-2021-40978 Scanner Detail

In mkdocs 1.2.2 built-in dev-server, there is Directory Traversal vulnerability.

** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601.] and https://github.com/nisdn/CVE-2021-40978/issues/1.

Some Advice for Common Problems

  • You need to apply related fixes.
  • Sanitize all parameters received as input from the user.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service