ID CVE-2019-16903
Type cve
Reporter cve@mitre.org
Modified 2019-09-26T16:44:00
Description
Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead.
{"id": "CVE-2019-16903", "bulletinFamily": "NVD", "title": "CVE-2019-16903", "description": "Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead.", "published": "2019-09-26T11:15:00", "modified": "2019-09-26T16:44:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16903", "reporter": "cve@mitre.org", "references": ["https://github.com/plutinosoft/Platinum/issues/22", "http://www.iwantacve.cn/index.php/archives/349/"], "cvelist": ["CVE-2019-16903"], "type": "cve", "lastseen": "2019-09-27T11:11:58", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "58488e19f72fa75e4df9cea184e111c6"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "de247e382d1497a22b92a5bcc476e8e2"}, {"key": "cpe23", "hash": "d1f8f279445a084d1dc10e5cc6d61ba6"}, {"key": "cvelist", "hash": "f798f0896b8f928971373f12bb91f485"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "9bc143c7676b7e5a3fd9537d7507310b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "0658497da393ba8e7c2a5f76cfc6647b"}, {"key": "description", "hash": "3ab1c56d04db0dfaec99a62673dc4874"}, {"key": "href", "hash": "f8497f2e01ddcad1b9a20552fc81ffde"}, {"key": "modified", "hash": "be1b12bf497494e5536ebb87044ba4a9"}, {"key": "published", "hash": "01cb47106eed879ee01d1414fbe918a3"}, {"key": "references", "hash": "c817ab2e59a6f49651e978b227f0d7ad"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "ed7d8d04cfd0260b633627b0d3ebad61"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3d0a9e0561551189511f7ed01b751c29cdca3a702e23afc699ef9048b565a29a", "viewCount": 1, "enchantments": {"dependencies": {"references": [], "modified": "2019-09-27T11:11:58"}, "score": {"value": 3.7, "vector": "NONE", "modified": "2019-09-27T11:11:58"}, "vulnersScore": 3.7}, "objectVersion": "1.3", "cpe": ["cpe:/a:plutinosoft:platinum:1.2.0"], "affectedSoftware": [{"name": "plutinosoft platinum", "operator": "eq", "version": "1.2.0"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:plutinosoft:platinum:1.2.0:*:*:*:*:*:*:*"], "cwe": ["CWE-22"]}
{}