https://www.exploit-db.com/exploits/20447
https://www.securityfocus.com/bid/82090
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199904-024

WebComdatakommunikationGuestbook是freeware.webcom.se提供的一个免费留言本CGI程序。Guestbook软件包中的rguest.exe/wguest.exe程序在处理参数上存在漏洞，远程攻击者可以利用此漏洞遍历服务器的目录。

source: http://www.securityfocus.com/bid/2024/info
 
The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook (undetermined at the time of writing) are vulnerable to an attack allowing an intruder to retrieve the contents of arbitrary files to which the web server has access. This can be accomplished by specifying the path and filename as the parameter "template" to either rguest.exe or wguest.exe - see Exploit for example. These two programs typically reside in /cgi-bin.

http://server/cgi-bin/rguest.exe?template=c:winntsystem32$winnt$.inf will return the $winnt$.inf file

Webcom Cgi Guestbook 0

VulnerablesoftwareandversionsConfiguration1OR*cpe:/a:webcom:cgi_guestbook*DenotesVulnerableSoftware*ChangesrelatedtovulnerabilityconfigurationsTechnicalDetailsVulnerabilityType(ViewAll)CVEStandardVulnerabilityEntry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0287