CVE-2011-1688Path Traversal in RT

CWE-22Path Traversal3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.4%
top 41.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Bestpractical RT
Timeline
PublishedApr 22
Latest updateMay 17

Description

Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote attackers to read arbitrary files via a crafted HTTP request.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDbestpractical/rt33 versions+32

Patches

Patch: lists.bestpractical.comPatch: lists.bestpractical.comPatch: lists.bestpractical.com

🔴Vulnerability Details

1
GHSA
GHSA-23qv-956x-w2hr: Directory traversal vulnerability in Best Practical Solutions RT 32022-05-17

💬Community

1
Bugzilla
CVE-2011-1685 CVE-2011-1686 CVE-2011-1687 CVE-2011-1688 CVE-2011-1689 CVE-2011-1690 rt3: several security flaws fixed in 3.6.11, 3.8.102011-04-14
CVE-2011-1688 — Path Traversal in Bestpractical RT | cvebase