Directory Traversal Vulnerability in HP Web Jetadmin
CVE-2004-1857
Currently unrated
What is CVE-2004-1857?
A directory traversal vulnerability exists in the setinfo.hts component of HP Web Jetadmin 7.5.2546. This flaw allows remote authenticated attackers to exploit the application by manipulating the 'setinclude' parameter with a series of '../' sequences. Successful exploitation can lead to unauthorized access, enabling attackers to read arbitrary files on the server. This poses significant risks, including potential exposure of sensitive information and system configuration files.