Vulnerability Details CVE-2002-1677
14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine the physical path to the web root directory via a request with an invalid cfg parameter, which generates an error message that reveals the path.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0421.html
- http://online.securityfocus.com/archive/1/254278
- http://www.securityfocus.com/bid/4021
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8070
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0421.html
- http://online.securityfocus.com/archive/1/254278
- http://www.securityfocus.com/bid/4021
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8070
Products affected by CVE-2002-1677
-
cpe:2.3:a:mrtg:mrtgconfig:0.5.9