CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2009-4645

HIGH
7.8
CVSS Severity Score
EPSS Score0.1870%
EPSS Percentile11.71th
Published2010年2月19日
Last Modified2026年4月29日

Vulnerability Description

Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.

Affected Platforms (CPE)

🔌
Accellion

Secure File Transfer Appliance

= 7_0_135
🔌
Accellion

Secure File Transfer Appliance

= 7_0_178
🔌
Accellion

Secure File Transfer Appliance

= 7_0_189
🔌
Accellion

Secure File Transfer Appliance

= 7_0_259
🔌
Accellion

Secure File Transfer Appliance

= 7_0_296

References & Advisories

🔗 http://secunia.com/advisories/38538
🔗 http://www.portcullis-security.com/340.php
🔗 http://www.securityfocus.com/bid/38176
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/56246
🔗 http://secunia.com/advisories/38538
🔗 http://www.portcullis-security.com/340.php
🔗 http://www.securityfocus.com/bid/38176
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/56246

相關漏洞威脅

CVE-2009-46449.0

Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell ...

CVE-2009-46469.0

Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote ...

CVE-2018-14538.8

IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous type...

CVE-2009-46487.2

Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that...