CVE-2018-20470 Scanner

Tyto Sahi Pro is a widely used software testing tool that allows developers to create and execute automated functional and regression tests. With an intuitive graphical user interface, it simplifies the testing process and increases efficiency. Tyto Sahi Pro supports web applications and is available on Windows, Linux, and Mac OS platforms. 

However, there is a significant vulnerability in the Tyto Sahi Pro software discovered in versions 7.x.x and 8.0.0 that can lead to a directory traversal exploit, making it possible for an external attacker to view confidential files. The CVE-2018-20470 vulnerability gets triggered because of an issue in the web reports module, which allows arbitrary file access.

This vulnerability is significant, as it enables an attacker to access files without authorization, including personally identifiable information (PII), sensitive corporate data, and financial information. Once these files are retrieved, an attacker can sell or use them maliciously. 

Through the pro features offered on the securityforeveryone.com platform, readers of this article can gain a comprehensive understanding of their digital assets' vulnerabilities in a fast and straightforward manner. With Security for Everyone, you can stay informed about the latest cybersecurity threats and employ zero-day protection. Take advantage of the valuable resources available on the platform to stay ahead of the impending threats!

REFERENCES

• http://packetstormsecurity.com/files/153330/Sahi-Pro-7.x-8.x-Directory-Traversal.html
• https://barriersec.com/2019/06/cve-2018-20470-sahi-pro/