Описание
Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB, (4) LZH, (5) RAR, (6) TAR and (7) ZIP files.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hauri:livecall:*:*:*:*:*:*:*:*
cpe:2.3:a:hauri:virobot_advanced_server:*:*:*:*:*:*:*:*
cpe:2.3:a:hauri:virobot_expert:4.0:*:*:*:*:*:*:*
cpe:2.3:a:hauri:virobot_linux_server:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02627
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB, (4) LZH, (5) RAR, (6) TAR and (7) ZIP files.
EPSS
Процентиль: 85%
0.02627
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other