9.3
CVE-2010-3097
- EPSS 0.18%
- Published 20.08.2010 20:00:03
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.
Data is provided by the National Vulnerability Database (NVD)
Winfrigate ≫ Frigate 3 Version <= 3.36
Winfrigate ≫ Frigate 3 Version3.17
Winfrigate ≫ Frigate 3 Version3.18
Winfrigate ≫ Frigate 3 Version3.19
Winfrigate ≫ Frigate 3 Version3.20
Winfrigate ≫ Frigate 3 Version3.21
Winfrigate ≫ Frigate 3 Version3.22
Winfrigate ≫ Frigate 3 Version3.23
Winfrigate ≫ Frigate 3 Version3.24
Winfrigate ≫ Frigate 3 Version3.25
Winfrigate ≫ Frigate 3 Version3.26
Winfrigate ≫ Frigate 3 Version3.27
Winfrigate ≫ Frigate 3 Version3.28
Winfrigate ≫ Frigate 3 Version3.29
Winfrigate ≫ Frigate 3 Version3.30
Winfrigate ≫ Frigate 3 Version3.31
Winfrigate ≫ Frigate 3 Version3.32
Winfrigate ≫ Frigate 3 Version3.33
Winfrigate ≫ Frigate 3 Version3.34
Winfrigate ≫ Frigate 3 Version3.35
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.357 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.