CVE-2010-0039

LOW

2.6

CVSS Severity Score

EPSS Score0.1190%

EPSS Percentile17.87th

Published2010年12月22日

Last Modified2026年4月29日

Vulnerability Description

The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 modifies PORT commands in incoming FTP traffic, which allows remote attackers to use the device's IP address for arbitrary intranet TCP traffic by leveraging write access to an intranet FTP server.

Affected Platforms (CPE)

🔌

Apple

Airport Express Base Station Firmware

<= 7.4.2

🔌

Apple

Airport Express Base Station Firmware

= 3.84

🔌

Apple

Airport Express Base Station Firmware

= 4.0.9

🔌

Apple

Airport Express Base Station Firmware

= 6.1

🔌

Apple

Airport Express Base Station Firmware

= 6.3

🔌

Apple

Airport Express Base Station Firmware

= 7.3.2

🔌

Apple

Airport Express Base Station Firmware

= 7.4.1

🔌

Apple

Airport Extreme Base Station Firmware

= 5.5

🔌

Apple

Airport Extreme Base Station Firmware

= 5.7

🔌

Apple

Airport Express

All versions

🔌

Apple

Airport Extreme

All versions

🔌

Apple

Time Capsule

All versions

References & Advisories

🔗 http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

🔗 http://support.apple.com/kb/HT4298

🔗 http://www.securitytracker.com/id?1024907

🔗 http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

🔗 http://support.apple.com/kb/HT4298

🔗 http://www.securitytracker.com/id?1024907

Vulnerability Description

Affected Platforms (CPE)

Airport Express Base Station Firmware

Airport Express Base Station Firmware

Airport Express Base Station Firmware

Airport Express Base Station Firmware

Airport Express Base Station Firmware

Airport Express Base Station Firmware

Airport Express Base Station Firmware

Airport Extreme Base Station Firmware

Airport Extreme Base Station Firmware

Airport Express

Airport Extreme

Time Capsule

References & Advisories

相關漏洞威脅