2 matches found
CVE-2016-6371
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment HCM-F 10.63 and earlier allows remote attackers to write to arbitrary files via a crafted URL, aka Bug ID CSCuz64717...
CVE-2016-6371
CVE-2016-6371 describes a directory traversal flaw in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) web interface (vulnerable in 10.6(3) and earlier). The root cause is insufficient validation of the HTTP URL, enabling an unauthenticated, remote attacker to write arbitrary files via a ...