### [CVE-2022-27248](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27248) ![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

A directory traversal vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to download arbitrary .dwg files from the server by supplying an absolute or relative path to the affected DownloadDwg endpoint. The attack is carried in the path field of a request to CaddemServiceJS/CaddemService.svc/rest/DownloadDwg.

### POC

#### Reference

- http://packetstormsecurity.com/files/166560/IdeaRE-RefTree-Path-Traversal.html

#### Github

- https://github.com/ARPSyndicate/cvemon
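The root cause described above is a download endpoint that passes a client-controlled path field through to the filesystem without confining it to the intended DWG store. The following is an added example of the server-side check such an endpoint needs; it is not RefTree's code and makes no claim about how the vendor fixed the issue. The storage root `DWG_ROOT`, the function names and the sample request values are all constructed for this illustration.

```python
import os

# Assumed storage root for the example; a real service would read this from config.
DWG_ROOT = "/srv/reftree/dwg"


class PathRejected(ValueError):
    """Raised when a client-supplied path must not be served."""


def safe_dwg_path(requested: str, root: str = DWG_ROOT) -> str:
    """Map a client-supplied 'path' value to a file under root, or raise PathRejected.

    The checks mirror the failure mode in the description: absolute paths and
    '..' components are rejected so the request cannot name files outside root,
    and only .dwg files are eligible for download at all.
    """
    if not requested or "\x00" in requested:
        raise PathRejected("empty or NUL-containing path")

    # Treat backslashes as separators too, since the affected product is a
    # Windows-hosted .svc service and clients may send either form.
    cleaned = requested.replace("\\", "/")

    # Refuse absolute paths and drive-letter paths outright instead of trying
    # to "repair" them; a download endpoint has no legitimate use for them.
    if cleaned.startswith("/") or (len(cleaned) > 1 and cleaned[1] == ":"):
        raise PathRejected("absolute path not allowed")

    root_abs = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_abs, cleaned))

    # realpath collapses '..' segments and resolves symlinks; whatever is left
    # must still be located under the storage root.
    if os.path.commonpath([root_abs, candidate]) != root_abs:
        raise PathRejected("path escapes the DWG root")

    if not candidate.lower().endswith(".dwg"):
        raise PathRejected("only .dwg files may be downloaded")

    return candidate


def is_safe_dwg_request(requested: str, root: str = DWG_ROOT) -> bool:
    """Boolean form of safe_dwg_path, convenient for logging and tests."""
    try:
        safe_dwg_path(requested, root)
        return True
    except PathRejected:
        return False


if __name__ == "__main__":
    # Constructed sample values for the path field, not captured traffic.
    samples = [
        "plans/site.dwg",
        "plans/../plans/site.dwg",
        "../../../etc/passwd",
        "..\\..\\windows\\win.ini",
        "C:\\inetpub\\wwwroot\\web.config",
        "/etc/hosts",
        "plans/site.txt",
    ]
    for value in samples:
        try:
            print(f"ALLOW  {value!r} -> {safe_dwg_path(value)}")
        except PathRejected as exc:
            print(f"REJECT {value!r}: {exc}")
```

The check is applied after the web framework has already URL-decoded the field, so double-encoded or mixed-separator variants land here as plain strings. Rejected requests are worth logging with the raw value and the authenticated user, since traversal attempts against a download endpoint are a reliable detection signal on their own.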