CVE-2020-12116

Path Traversal vulnerability

Vulnerability Details
Impact CVSS V3 rating: NA
Reported 22th April 2020
Reported by R.J. McDown, an independent security researcher
Fixed 29th April 2020
Affected Builds → Builds till 124195
→ Builds 125000 - 125124
Fixed in Builds 124196/125125
Overview Path Traversal vulnerability in URLs starting with <cachestart>
Recommended Fix

→ For builds till 124195, please upgrade to OpUtils version 12.4.196 or above.

→ For builds 125000 - 125124, please upgrade to OpUtils version 12.5.125.

 

Description 

A path traversal vulnerability was recently reported, which enabled unrestricted access to any file in the product directory. This has been fixed.

We recommend that you upgrade to OpUtils version 12.4.196 / OpUtils version 12.5.125 (for builds 125000 - 125124) or contact our support team at oputils-support@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2020-12116 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at oputils-support@manageengine.com