3Com Intelligent Management Center (IMC) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct directory traversal attacks.
The vulnerability is in the reporting component of IMC. An unauthenticated remote, attacker could exploit the vulnerability by sending crafted HTTP requests that contain directory traversal characters. A successful exploit could allow the attacker to access arbitrary files outside the web directory through directory traversal attacks.
3Com has not confirmed this vulnerability and updates are not available.