High severity7.5NVD Advisory· Published Jun 4, 2018· Updated Jun 17, 2026
CVE-2017-16038
CVE-2017-16038
Description
f2e-server 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by f2e-server requiring elevated privileges to run.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
f2e-servernpm | < 1.12.12 | 1.12.12 |
Affected products
2- Range: <= 1.12.11
Patches
Vulnerability mechanics
References
6- github.com/shy2850/node-server/pull/12/filesnvdPatchWEB
- github.com/shy2850/node-server/issues/10nvdExploitIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-g7j3-p357-cw8pghsaADVISORY
- nodesecurity.io/advisories/346nvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2017-16038ghsaADVISORY
- www.npmjs.com/advisories/346ghsaWEB
News mentions
0No linked articles in our index yet.