Описание
Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter.
Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-3692
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35323
- http://jvn.jp/jp/JVN%2333593387/index.html
- http://osvdb.org/38453
- http://securitytracker.com/id?1018344
- http://www.au.kddi.com/ezfactory/tec/dlcgi/info.html
- http://www.vupen.com/english/advisories/2007/2472
EPSS
Процентиль: 65%
0.00494
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter.
EPSS
Процентиль: 65%
0.00494
Низкий