exploitDog

CVE-2006-1951

Опубликовано: 24 апр. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:solarwinds:tftp_server:5.0.55_standard:*:*:*:*:*:*:*

cpe:2.3:a:solarwinds:tftp_server:5.0.60standard:*:*:*:*:*:*:*

cpe:2.3:a:solarwinds:tftp_server:8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.03034

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-frpq-9qfv-qq3p

github

почти 4 года назад

Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.

EPSS

Процентиль: 86%

0.03034

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other