CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 1CVE-2015-2862 – Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2015-2862
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request. Vulnerabilidad de salto de directorio en Kaseya Virtual System Administrator (VSA) en sus versiones 7.x anteriores a 7.0.0.29, 8.x anteriores a 8.0.0.18, 9.0 anteriores a 9.0.0.14 y 9.1 anteriores a 9.1.0.4 permite a usuarios remotos autenticados leer archivos de forma arbitraria mediante peticiones HTTP manipuladas. • https://www.exploit-db.com/exploits/37621 http://www.kb.cert.org/vuls/id/919604 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •