PT-2006-6315 · Inca · Inca Im-204

Crackers_Child

Published

2006-10-30

Updated

2018-10-17

CVE-2006-5607

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: INCA IM-204

Description: A directory traversal issue exists in the /cgi-bin/webcm module, allowing remote attackers to read arbitrary files. This is achieved by using "/./." sequences in the getpage parameter.

Recommendations: For INCA IM-204, consider restricting access to the /cgi-bin/webcm module until a fix is available. As a temporary workaround, avoid using the getpage parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5607

Affected Products

Inca Im-204

PT-2006-6315 · Inca · Inca Im-204

CVE-2006-5607

Related Identifiers

Affected Products

References · 7