Hosting Controller: Security Vulnerabilities
Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp.
CVSS Score: 5.0; EPSS Score: 0.008; Published: 2002-08-12
Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.
CVSS Score: 6.4; EPSS Score: 0.012; Published: 2002-08-12
imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath.
CVSS Score: 10.0; EPSS Score: 0.01; Published: 2002-08-12
Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed.
CVSS Score: 10.0; EPSS Score: 0.013; Published: 2002-08-12
browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.
CVSS Score: 5.0; EPSS Score: 0.006; Published: 2002-08-12
getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.
CVSS Score: 7.5; EPSS Score: 0.009; Published: 2002-08-12
The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.
CVSS Score: 7.5; EPSS Score: 0.007; Published: 2002-05-16

