A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: ‘../filedir’. The attack needs to be done within the local network.
View the template here CVE-2024-6746.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-6746