CVE-2021-47755

HIGH

Softlinkint Oliver V5 Library < 8.00.008.053 - Path Traversal

Title source: rule

Description

Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to download sensitive files from the server's filesystem.

Exploits (1)

exploitdb WORKING POC

by Mandeep Singh · textremotewindows

https://www.exploit-db.com/exploits/50599

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/50599

[Product] https://www.softlinkint.com/product/oliver/

Scores

CVSS v3 7.5

EPSS 0.0006

EPSS Percentile 18.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (2)

Softlink Education/Oliver Library Server < 8.00.008.053

softlinkint/oliver_v5_library < 8.00.008.053

Published Jan 15, 2026

Tracked Since Feb 18, 2026