Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5969

Overview

Vulnerability Score 4.8 4.8
CVE Id CVE-2012-5969
Last Modified 19 Dec 2012 12:00:00
Published 19 Dec 2012 06:55:59
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5969

Summary

Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi.

Vulnerable Systems


References

CERT-VN - VU#871148

CONFIRM - http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-198239.htm


Last Updated: 27 May 2016 10:58:31