PT-2009-2208 · Todd Woolums · Todd Woolums Asp Download Management Script

Zigma

Published

2009-04-21

Updated

2017-09-29

CVE-2008-6739

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Todd Woolums ASP Download management script version 1.03

Description: The issue concerns a lack of authentication requirement for the setupdownload.asp page, allowing remote attackers to gain administrator privileges by making a direct request to this page. The estimated number of potentially affected devices worldwide is not available.

Recommendations: For Todd Woolums ASP Download management script version 1.03, consider implementing proper authentication mechanisms for the setupdownload.asp page to prevent unauthorized access.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2008-6739

Affected Products

Todd Woolums Asp Download Management Script

PT-2009-2208 · Todd Woolums · Todd Woolums Asp Download Management Script

CVE-2008-6739

Weakness Enumeration

Related Identifiers

Affected Products

References · 3