9 matches found
EUVD-2014-9813
Malware in sbrugna...
CVE-2014-125125
A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7.0, and earlier. The vulnerability resides in the handling of the filename parameter in the /xml/downloads endpoint, which fails to properly sanitize user input. An unauthenticated attacker can exploit...
CVE-2014-125125
A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7.0, and earlier. The vulnerability resides in the handling of the filename parameter in the /xml/downloads endpoint, which fails to properly sanitize user input. An unauthenticated attacker can exploit...
CVE-2014-125125
CVE-2014-125125 describes a path traversal flaw in A10 Networks AX Loadbalancer (versions 2.6.1-GR1-P5, 2.7.0, and earlier) where the filename parameter in the /xml/downloads endpoint is not properly sanitized. An unauthenticated attacker can craft HTTP requests with directory traversal sequences...
CVE-2014-125125 A10 Networks AX Loadbalancer Path Traversal
A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7.0, and earlier. The vulnerability resides in the handling of the filename parameter in the /xml/downloads endpoint, which fails to properly sanitize user input. An unauthenticated attacker can exploit...
CVE-2014-125125 A10 Networks AX Loadbalancer Path Traversal
A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7.0, and earlier. The vulnerability resides in the handling of the filename parameter in the /xml/downloads endpoint, which fails to properly sanitize user input. An unauthenticated attacker can exploit...
PT-2025-31545 · Undefined · Undefined
A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7.0, and earlier. The vulnerability resides in the handling of the filename parameter in the /xml/downloads endpoint, which fails to properly sanitize user input. An unauthenticated attacker can exploit...
A10 Networks AX Loadbalancer Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'A10 Networks AX Loadbalancer Directory Traversal', 'Description' = %q This module exploits a directory traversal flaw found in A10 Networks Soft ...
A10 Networks AX Loadbalancer Directory Traversal
This module exploits a directory traversal flaw found in A10 Networks Soft AX Loadbalancer version 2.6.1-GR1-P5/2.7.0 or less. When handling a file download request, the xml/downloads class fails to properly check the 'filename' parameter, which can be abused to read any file outside the virtual...