CVE-2023-39026 – FileMage Gateway 1.10.9 - Local File Inclusion

https://notcve.org/view.php?id=CVE-2023-39026

22 Aug 2023 — Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component. Una vulnerabilidad de salto de directorios en FileMage Gateway Windows Deployments v1.10.8 y anteriores permite a un atacante remoto obtener información sensible a través de una petición manipulada al componente "/mgmt/". FileMage Gateway version 1.10.9 suffers from a local file inclusion vulnerability. • https://packetstorm.news/files/id/174491 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •