Description
Directory traversal vulnerability in Oxide WebServer allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by demonalex · textremotewindows
https://www.exploit-db.com/exploits/36376
References (3)
Core 3
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/50845
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/520679/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71512
Scores
EPSS
0.0145
EPSS Percentile
80.9%
Details
CWE
CWE-22
Status
published
Products (1)
monoxide0184/oxide_webserver
Published
Dec 08, 2011
Tracked Since
Feb 18, 2026