CVE Daily

CVE-2010-4598

Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier all...

Medium CVSS 5.0

Overview

Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.

CWE: CWE-22 Published: 2010-12-23T18:00:03.977
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.0 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags