The Seanox DevWex Windows binary version is prone to an issue which may cause arbitrary web-readable files to be disclosed to remote attackers. This problem occurs because DevWex does not sufficiently filter '..\' sequences from web requests.
Devwex contains a flaw that allows a remote attacker to request files outside of the web path. The issue is due to the Devwex binary not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI.
Upgrade to version 1.2002.0601 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.