The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot).
CPE | Name | Operator | Version |
---|---|---|---|
cogent_datahub | eq | 7.0 | |
cogent_datahub | eq | 7.1.1.63 | |
cogent_datahub | eq | 7.1.1 | |
cogent_datahub | eq | 7.1.0 | |
cogent_datahub | eq | 7.0.2 |