A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Path Traversal
Cadclick
NVD
CVSS 3.1
3.9
EPSS
0.9%