CVE-2019-13408

High

A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files…

twcert·CWE-23·Published 2019-08-29

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

217 chars

A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication.

NVDen

217 chars

NVDes

268 chars

Una vulnerabilidad de recorrido de ruta relativa encontrada en las versiones de firmware de Advan VD-1 hasta 230. Permite a los atacantes descargar archivos arbitrarios a través de url cgibin/ExportSettings.cgi? Ruta de descarga de archivos, sin ninguna autenticación.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N