PT-2009-2208 · Todd Woolums · Todd Woolums Asp Download Management Script

Zigma

Publicado

2009-04-21

Atualizado

2017-09-29

CVE-2008-6739

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Todd Woolums ASP Download management script version 1.03

Description: The issue concerns a lack of authentication requirement for the setupdownload.asp page, allowing remote attackers to gain administrator privileges by making a direct request to this page. The estimated number of potentially affected devices worldwide is not available.

Recommendations: For Todd Woolums ASP Download management script version 1.03, consider implementing proper authentication mechanisms for the setupdownload.asp page to prevent unauthorized access.

Exploit

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2008-6739

Produtos afetados

Todd Woolums Asp Download Management Script

PT-2009-2208 · Todd Woolums · Todd Woolums Asp Download Management Script

CVE-2008-6739

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3