CVE-2021-37469

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
25/07/2021
Last modified:
05/08/2021

Description

In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:nch:webdictate:*:*:*:*:*:*:*:* 2.13 (including)