CVE-2021-29398
MEDIUMNorthStar Club Management 6.3 - Unauthenticated Directory Traversal via fileManagerObjects.jsp
Title source: llmDescription
Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to browse and list the directories across the entire filesystem of the host of the web application.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://Ardent-Security.com
Third Party Advisory x_refsource_misc
https://ardent-security.com/en/advisory/asa-2021-06/
Scores
CVSS v3
5.3
EPSS
0.0179
EPSS Percentile
75.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
globalnorthstar/northstar_club_management
6.3
Published
Feb 04, 2022
Tracked Since
Feb 18, 2026