Lucene search

[email protected]CVE-2007-6453

HistoryDec 20, 2007 - 12:46 a.m.

CVE-2007-6453

2007-12-2000:46:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2007

6453

directory traversal

raidenhttpd

vulnerability

webadmin

remote attackers

include

execute

arbitrary

local files

7.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

90.1%

JSON

Directory traversal vulnerability in raidenhttpd-admin/workspace.php in RaidenHTTPD 2.0.19, when the WebAdmin function is enabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the ulang parameter.

Affected configurations

NVD

Node

raiden_professional_serversraidenhttpdMatch2.0.19

CPENameOperatorVersion
raiden_professional_servers:raidenhttpdraiden professional servers raidenhttpdeq2.0.19

CPE	Name	Operator	Version
raiden_professional_servers:raidenhttpd	raiden professional servers raidenhttpd	eq	2.0.19

References

jvn.jp/jp/JVN%2390438169/index.html

retrogod.altervista.org/rgod_raidenhttpdudo.html

secunia.com/advisories/28143

securityreason.com/securityalert/3460

www.osvdb.org/39228

www.raidenhttpd.com/jp/security.html

www.securityfocus.com/archive/1/485221/100/0/threaded

www.securityfocus.com/bid/26903

www.vupen.com/english/advisories/2007/4244

exchange.xforce.ibmcloud.com/vulnerabilities/39088

7.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

90.1%

JSON

Related for CVE-2007-6453

nessus1 nvd1 cvelist1 prion1