CVE Reference: CVE-2010-2307

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-2307

Description:
Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/59113

SAID
  Secunia Advisory: SA40054

OSVDB
  65249

EXPLOIT-DB
  http://www.exploit-db.com/exploits/12865

BID
  40550


Return to the previous page.