Vulners
Lucene search
keware technologies homeseer 1.4 - Directory Traversal vulnerability
source: http://www.securityfocus.com/bid/2085/info
Keware Technologies HomeSeer is a home automation application which enables users to control various housewares and appliances locally or remotely via a web interface.
It is possible for a remote user to gain access to any known file outside of the HomeSeer directory on the root directory. A specially crafted HTTP request comprised of '../' and the known filename, will display the contents of the particular file with read permissions.
Successful exploitation of this vulnerability could enable a remote user to gain access to systems files, password files, etc. This could lead to a complete compromise of the host.
http://target/../../../filename.ext
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1