Software602: >> 602lan Suite Security Vulnerabilities
The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-06-09
Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter.
CVSS Score
6.4
EPSS Score
0.034
Published
2005-05-03
Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 allows remote authenticated users to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.
CVSS Score
5.0
EPSS Score
0.051
Published
2005-05-02
The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) by sending a POST request with a large Content-Length value, then disconnecting without sending that amount of data.
CVSS Score
5.0
EPSS Score
0.006
Published
2004-12-31
The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socket exhaustion) via a Telnet request to an IP address of the proxy's network interface, which causes a loop.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-12-31