CVE-2017-15805

2017-10-23 10:29:00 2017-11-08 17:45:11

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Cisco Small business sa520 firmware 2.1.71 (not an official CPE) Cisco Small business sa520 firmware 2.2.0.7 (not an official CPE) Cisco Small business sa540 firmware 2.1.71 (not an official CPE) Cisco Small business sa540 firmware 2.2.0.7 (not an official CPE)

Cisco - Small business sa520 firmware Cisco - Small business sa540 firmware

Advisory	Patch	Confirmed	Link
			https://www.fwhibbit.es/lfi-en-cisco-small-business-sa50...

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (ID 22)

Related CAPEC 7 Relative Path Traversal (CAPEC-ID 139) Directory Traversal (CAPEC-ID 213) File System Function Injection, Content Based (CAPEC-ID 23) Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64) Manipulating Input to File System Calls (CAPEC-ID 76) Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78) Using Slashes in Alternate Encoding (CAPEC-ID 79)