Lucene search
MitreCVELIST:CVE-2014-2846HistoryApr 28, 2014 - 2:00 p.m.
CVE-2014-2846
2014-04-2814:00:00
mitre
www.cve.org
4
Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a …/./ (dot dot dot slash dot slash) in the lang Cookie parameter, as demonstrated by a request to login/doLogin.
Related
checkpoint_advisories
checkpoint_advisories
Western Digital Arkeia Remote Code Execution (CVE-2014-2846)
2014-07-28 00:00:00
securityvulns
securityvulns
prion
prion
Directory traversal
2014-04-28 14:09:00
cve
cve
CVE-2014-2846
2014-04-28 14:09:07
exploitdb
exploitdb
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
2014-04-24 00:00:00
openvas
openvas
Arkeia Appliance Path Traversal Vulnerability
2014-04-23 00:00:00
zdt
zdt
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion Vulnerability
2014-04-24 00:00:00
nvd
nvd
CVE-2014-2846
2014-04-28 14:09:07
nessus
nessus
seebug
seebug
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
2014-07-01 00:00:00
exploitpack
exploitpack
WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion
2014-04-24 00:00:00
packetstorm
packetstorm
WD Arkeia Virtual Appliance Directory Traversal / Command Execution
2014-04-23 00:00:00