CyberSec.Space Logo
返回 CVE 浏览器

CVE-2013-10063

PENDING
N/A
CVSS Severity Score
EPSS Score0.0580%
EPSS Percentile20.02th
Published2025年8月1日
Last Modified2026年4月15日

Vulnerability Description

A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb
🔗 https://web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002
🔗 https://www.exploit-db.com/exploits/24441
🔗 https://www.vulncheck.com/advisories/netgear-sph200d-path-traversal-via-http-get
🔗 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb
🔗 https://web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002
🔗 https://www.exploit-db.com/exploits/24441

相关漏洞威胁

CVE-2013-247010.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 a...

CVE-2013-247110.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 a...

CVE-2013-247210.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 a...

CVE-2013-247310.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 a...