CVE-2006-5596

Опубликовано: 28 окт. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.

Ссылки

http://secunia.com/advisories/22550
Vendor Advisory
http://www.securityfocus.com/bid/20722
Exploit
http://www.vupen.com/english/advisories/2006/4224
https://exchange.xforce.ibmcloud.com/vulnerabilities/29817
https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c
Exploit
https://www.exploit-db.com/exploits/2637
http://secunia.com/advisories/22550
Vendor Advisory
http://www.securityfocus.com/bid/20722
Exploit
http://www.vupen.com/english/advisories/2006/4224
https://exchange.xforce.ibmcloud.com/vulnerabilities/29817
https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c
Exploit
https://www.exploit-db.com/exploits/2637

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aep_networks:smartgate_ssl_server:4.3b:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.09854

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hp3p-fc9m-xq9w

github

почти 4 года назад