Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0174 — Communicator vulnerability

4 documents4 sources

Severity

6.4MEDIUMNVD

EPSS

8.1%

top 7.86%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedFeb 1

Latest updateApr 30

Description

The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

GHSA

GHSA-mfjc-659f-pj9j: The view-source CGI program allows remote attackers to read arbitrary files via a↗2022-04-30

▶

CVEList

CVE-1999-0174: The view-source CGI program allows remote attackers to read arbitrary files via a↗1999-09-29

▶

Exploit-DB

Skunkware 2.0 - view-source Directory Traversal↗1997-04-16

▶