CVE-2012-5969 - CERT CVE

  1. CVE-2012-5969

ID CVE-2012-5969
Sažetak Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi.
Reference
CVSS
Base: 4.8
Impact: 4.9
Exploitability:6.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL NONE
CVSS vektor AV:A/AC:L/Au:N/C:P/I:P/A:N
Zadnje važnije ažuriranje 19-12-2012 - 11:55
Objavljeno 19-12-2012 - 11:55