Lucene search

[email protected]CVE-2015-5353

HistoryJul 01, 2015 - 4:59 p.m.

CVE-2015-5353

2015-07-0116:59:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2015-5353

directory traversal

novius os

vulnerability

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.1%

JSON

Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the tab parameter to admin/.

Affected configurations

NVD

Node

novius-osnovius_osMatch5.0.1

CPENameOperatorVersion
novius-os:novius_osnovius-os novius oseq5.0.1

CPE	Name	Operator	Version
novius-os:novius_os	novius-os novius os	eq	5.0.1

References

hyp3rlinx.altervista.org/advisories/AS-NOVIUSOS0629.txt

packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html

www.securityfocus.com/archive/1/535876/100/0/threaded

www.securityfocus.com/bid/75533

www.exploit-db.com/exploits/37439/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.1%

JSON

Related for CVE-2015-5353

nvd1 prion1 cvelist1 packetstorm1