Description
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/cuciuci
https://nodesecurity.io/advisories/381
Related Vulnerabilities
CVE-2020-6457 Vulnerability in npm package electron
CVE-2019-18212 Vulnerability in maven package org.lsp4xml:org.eclipse.lsp4xml.extensions.emmet
CVE-2021-24122 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2018-3717 Vulnerability in npm package simple-server
CVE-2019-19899 Vulnerability in maven package io.pebbletemplates:pebble