cbcvebase.
CVE-2007-5005
published 2007-10-01

CVE-2007-5005: Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows…

PriorityP344critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.24%
91.5th percentile
Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.

Affected

9 ranges
VendorProductVersion rangeFixed in
broadcombrightstor_arcserve_backup_laptops_desktops
broadcombrightstor_arcserve_backup_laptops_desktops
broadcombrightstor_arcserve_backup_laptops_desktops
broadcombrightstor_arcserve_backup_laptops_desktops
broadcomdesktop_management_suite
broadcomdesktop_management_suite
broadcomdesktop_management_suite
caprotection_suites
msrcmicrosoft_edge

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.