cbcvebase.
CVE-2009-1161
published 2009-05-21

CVE-2009-1161: Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified…

PriorityP355critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
12.55%
95.7th percentile
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_health_and_utilization_monitor
ciscociscoworks_health_and_utilization_monitor
ciscociscoworks_lan_management_solution
ciscociscoworks_lan_management_solution
ciscociscoworks_lan_management_solution
ciscociscoworks_lan_management_solution
ciscociscoworks_qos_policy_manager
ciscociscoworks_qos_policy_manager
ciscociscoworks_voice_manager
ciscociscoworks_voice_manager
ciscosecurity_manager
ciscosecurity_manager
ciscosecurity_manager
ciscotelepresence_readiness_assessment_manager
ciscounified_operations_manager
ciscounified_operations_manager
ciscounified_operations_manager
ciscounified_operations_manager

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.