CVE-2010-0620
🔴 Łataj teraz
Luka w przejściu katalogów w EMC HomeBase Server pozwala na zdalne nadpisanie plików i wykonanie kodu.
CVSS
9.3
EPSS
3.9%
Exploit
poc
Vendor
emc
Opis źródłowy (NVD)
Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.
exploit path-traversal
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.3 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 3.9% |
| Opublikowano (NVD) | 2010-02-25 00:30:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-29 01:13:23 UTC |
Referencje
- http://securityreason.com/securityalert/8230 (security_alert@emc.com)
- http://www.securityfocus.com/archive/1/509723/100/0/threaded (security_alert@emc.com)
- http://www.securityfocus.com/bid/38380 (security_alert@emc.com) [Exploit]
- http://www.vupen.com/english/advisories/2010/0458 (security_alert@emc.com) [Vendor Advisory]
- http://www.zerodayinitiative.com/advisories/ZDI-10-020/ (security_alert@emc.com)