Microsoft IIS Tilde Directory Enumeration

Impact: Medium


In some versions of Microsoft IIS, it is possible to detect the existence of files using an 8.3 short filename (SFN). This vulnerability allows attackers to enumerate and find sensitive files on the web server, potentially leading to unauthorized access or exposure of confidential information.


Please read the reference for detailed information and mitigation strategies specific to this vulnerability.


Last updated on May 13, 2024

This issue is available in SmartScanner Professional

See Pricing