Vulnerability Details CVE-2010-2307
Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.058
EPSS Ranking 90.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/40054
- http://www.exploit-db.com/exploits/12865
- http://www.osvdb.org/65249
- http://www.securityfocus.com/bid/40550
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59113
- http://secunia.com/advisories/40054
- http://www.exploit-db.com/exploits/12865
- http://www.osvdb.org/65249
- http://www.securityfocus.com/bid/40550
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59113
Products affected by CVE-2010-2307
-
cpe:2.3:h:motorola:surfboard_sbv6120e:sbv6x2x-1.0.0.5-scm-02-shpc