Skip to main content

CVE-2021-35380

Description

A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download (http://url:port/file?valore).

NVD
Severity: HIGH
CVE ID: CVE-2021-35380
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2021-35380

Refrence: Project Discovery GitHub

Description
Proof Of Concept