CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-25333

HIGH
7.5
CVSS Severity Score
EPSS Score0.0420%
EPSS Percentile10.91th
Published2026年2月12日
Last Modified2026年4月15日

Vulnerability Description

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive files like /etc/passwd outside the web root directory.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://web.archive.org/web/20190729023518/http://www.bullwark.net/
🔗 https://www.exploit-db.com/exploits/47773
🔗 https://www.vulncheck.com/advisories/bullwark-momentum-series-jaws-momentum-series-jaws

関連する脆弱性情報

CVE-2019-1151010.0

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated rem...

CVE-2019-186710.0

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypa...

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-954810.0

Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.