CVE-2021-42261: 
Revisor Video Management System vulnerability analysis and mitigation

Revisor Video Management System (VMS) before version 2.0.0 contains a directory traversal vulnerability that was discovered in 2021. The vulnerability allows remote attackers to traverse the file system to access files or directories that are outside of the restricted directory on the remote server, potentially leading to the disclosure of sensitive data on the vulnerable server (Jet Pentest, NVD).

The vulnerability exists in the web server component of Revisor VMS and has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. This indicates that the vulnerability can be exploited remotely with low attack complexity, requires no privileges or user interaction, and primarily impacts confidentiality (NVD).

Successful exploitation of this vulnerability could allow attackers to access files and directories outside of the intended restricted directory on the server. This could result in unauthorized access to sensitive data stored on the vulnerable server (NVD).

The vulnerability has been fixed in Revisor VMS version 2.0.0. Users running affected versions should upgrade to version 2.0.0 or later to mitigate this security issue (Revisor Lab).