Vulnerability Details CVE-2006-5596
Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.09
EPSS Ranking 92.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/22550
- http://www.securityfocus.com/bid/20722
- http://www.vupen.com/english/advisories/2006/4224
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29817
- https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c
- https://www.exploit-db.com/exploits/2637
- http://secunia.com/advisories/22550
- http://www.securityfocus.com/bid/20722
- http://www.vupen.com/english/advisories/2006/4224
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29817
- https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c
- https://www.exploit-db.com/exploits/2637
Products affected by CVE-2006-5596
-
cpe:2.3:a:aep_networks:smartgate_ssl_server:4.3b