Lucene search

[email protected]CVE-2007-5802

HistoryNov 03, 2007 - 12:46 a.m.

CVE-2007-5802

2007-11-0300:46:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2007-5802

directory traversal

firewolf technologies synergiser

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration.

Affected configurations

NVD

Node

firewolf_technologiessynergiserRange≤1.2_rc1

CPENameOperatorVersion
firewolf_technologies:synergiserfirewolf technologies synergiserle1.2_rc1

CPE	Name	Operator	Version
firewolf_technologies:synergiser	firewolf technologies synergiser	le	1.2_rc1

References

osvdb.org/38371

secunia.com/advisories/27466

securityreason.com/securityalert/3335

www.inj3ct-it.org/exploit/syner.txt

www.securityfocus.com/archive/1/483099/100/0/threaded

www.securityfocus.com/bid/26289

www.vupen.com/english/advisories/2007/3745

exchange.xforce.ibmcloud.com/vulnerabilities/38217

exchange.xforce.ibmcloud.com/vulnerabilities/38218

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Related for CVE-2007-5802

prion1 cvelist1 nvd1