Path Traversal Vulnerability – CVE-2018-0464

In application penatration test environment. A path traversal attack not rare. Most common, it manipulating variables that reference files with “dot-dot-slash (../)” sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system. Nowadays everythings aim to quick and simple. So thin client software design (web application) installed everywhere. And therefore Cisco have the following security advisory announce today.

CVE-2018-0464 – Cisco Data Center Network Manager Path Traversal Vulnerability: