CVE-2005-3490

Опубликовано: 04 нояб. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or ".." sequences in the URL.

Ссылки

http://aluigi.altervista.org/adv/asusvsbugs-adv.txt
http://marc.info/?l=full-disclosure&m=113096055302614&w=2
http://secunia.com/advisories/17419
Vendor Advisory
http://www.securityfocus.com/bid/15281
http://aluigi.altervista.org/adv/asusvsbugs-adv.txt
http://marc.info/?l=full-disclosure&m=113096055302614&w=2
http://secunia.com/advisories/17419
Vendor Advisory
http://www.securityfocus.com/bid/15281

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:asus:video_security_online:*:*:*:*:*:*:*:*

Версия до 3.5.0.0 (включая)

EPSS

Процентиль: 66%

0.00523

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-v72x-28mp-7gx5

github

почти 4 года назад

Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL.