mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
905 B
905 B
CVE-2018-6660
&color=blue)
Description
Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file.
POC
Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10228
- https://kc.mcafee.com/corporate/index?page=content&id=SB10228
Github
No PoCs found on GitHub currently.