CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2749

Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.0%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2004-2749

2wire » Homeportal » Version: 1000

cpe:2.3:a:2wire:homeportal:1000
2wire » Homeportal » Version: 1000s

cpe:2.3:a:2wire:homeportal:1000s
2wire » Homeportal » Version: 1000sw

cpe:2.3:a:2wire:homeportal:1000sw
2wire » Homeportal » Version: 1000w

cpe:2.3:a:2wire:homeportal:1000w
2wire » Homeportal » Version: 100s

cpe:2.3:a:2wire:homeportal:100s
2wire » Homeportal » Version: 100w

cpe:2.3:a:2wire:homeportal:100w
2wire » Homeportal » Version: 1500w

cpe:2.3:a:2wire:homeportal:1500w

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2749

Products

Pricing

Contact Us