CVE-2013-10063

Sažetak

A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data.

Reference

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb
https://web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002
https://www.exploit-db.com/exploits/24441
https://www.vulncheck.com/advisories/netgear-sph200d-path-traversal-via-http-get

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

01-08-2025 - 21:15

Objavljeno

01-08-2025 - 21:15