CyberSec.Space Logo
返回 CVE 浏览器

CVE-2010-0962

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0580%
EPSS Percentile20.10th
Published2010年3月10日
Last Modified2026年4月29日

Vulnerability Description

The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.

Affected Platforms (CPE)

🔌
Apple

Airport Express

= 7.5
🔌
Apple

Airport Extreme

= 7.5
🔌
Apple

Time Capsule

= 7.5

References & Advisories

🔗 http://seclists.org/fulldisclosure/2010/Mar/106
🔗 http://www.securityfocus.com/archive/1/509867/100/0/threaded
🔗 http://www.securityfocus.com/archive/1/509974/100/0/threaded
🔗 http://www.securityfocus.com/bid/38543
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/56701
🔗 http://seclists.org/fulldisclosure/2010/Mar/106
🔗 http://www.securityfocus.com/archive/1/509867/100/0/threaded
🔗 http://www.securityfocus.com/archive/1/509974/100/0/threaded

相关漏洞威胁

CVE-2010-18047.1

Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort...

CVE-2009-21896.1

The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware ...

CVE-2005-02895.0

Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attack...

CVE-2005-37145.0

The network interface for Apple AirPort Express 6.x before Firmware Update 6.3, and AirPort Extreme 5.x before Firmware Update 5.7...