CVE-2008-5862

Опубликовано: 06 янв. 2009

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI.

Ссылки

http://secunia.com/advisories/33257
Vendor Advisory
http://securityreason.com/securityalert/4877
http://www.securityfocus.com/bid/32928
Exploit
http://www.securitytracker.com/id?1021484
https://exchange.xforce.ibmcloud.com/vulnerabilities/47492
https://www.exploit-db.com/exploits/7521
http://secunia.com/advisories/33257
Vendor Advisory
http://securityreason.com/securityalert/4877
http://www.securityfocus.com/bid/32928
Exploit
http://www.securitytracker.com/id?1021484
https://exchange.xforce.ibmcloud.com/vulnerabilities/47492
https://www.exploit-db.com/exploits/7521

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:webcamxp:webcamxp:5.3.2.375:*:*:*:*:*:*:*

cpe:2.3:a:webcamxp:webcamxp:5.3.2.410:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.11516

Средний

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-jcq4-g9pc-2rr8

github

больше 3 лет назад