MAG SM360 on PCS 8.1:
Obviously all of the PCS 8.x versions are EOL now, but the user cannot upgrade to 9.x as the MAG SM360 cannot run this software.
Logs show the following,
[127.0.0.1] System()[] - InvalidUrl: /dana-na/ .. /dana/html5acc/guacamole/ .. .. etc/passwd?/dana/html5acc/guacamole/
We thought maybe they are from someone Penetrating Testing/Vulnerability Scanning, but they come from the localhost address and various IP Addresses which are from legitimate partners they work with.
Found this PRS but don't think it's related and checking through the documentation cannot see it being listed as fixed.
Known Issue: PRS-329563 invalid URL via core access.
Any ideas why this is happening and if it can be stopped?
(admin: removed repeating directory traversal)
What version of 8.1RX are you running. In general, I would advise upgrade to the latest patch version as previous versions of 8.1RX are vulnerable to the following security issue.