Skip to content

Sensitive Data: Esafenet CDG mysql - File Read

Identifier: esafenet_mysql_fileread

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Esafenet CDG Server3 unauthorized file download vulnerability allows attackers to read sensitive files from the server without proper authorization.

How we test: We test for unauthorized file download vulnerabilities in Esafenet CDG Server3 by attempting to access files and analyzing responses to detect if local files can be downloaded without proper authorization.

Configuration

Example

Example configuration:

---
security_tests:
  esafenet_mysql_fileread:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.