Limited Black Friday Offer:

TermTalk Server 3.24.0.2 - Local File Inclusion CVE-2021-35380 Scanner

There is a local file inclusion vulnerability in TermTalk Server 3.24.0.2, which allow remote attackers to read arbitrary files.

Short Info

Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

TermTalk Server 3.24.0.2 - Local File Inclusion CVE-2021-35380 Scanner Detail

A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download (http://url:port/file?valore).

https://www.exploit-db.com/exploits/50638
https://www.swascan.com/it/security-blog/
https://www.swascan.com/solari-di-udine/