Back to Advisories

Advisories

Rapid7 Advisory R7-0019: Directory traversal vulnerability in SolarWinds TFTP Server for Windows

CVE: CVE-2006-1951

Summary

April 24, 2006 - Rapid7 has found a directory traversal vulnerability in SolarWinds TFTP Server for Windows. This vulnerability allows remote users to download any files outside of the server's TFTP data directory.

Affected system(s):

KNOWN VULNERABLE:

  • SolarWinds TFTP Server v8.1 and earlier

KNOWN FIXED:

  • SolarWinds TFTP Server v8.2
2. Summary