CVE-2009-4645
published 2010-02-19CVE-2009-4645: Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read…
PriorityP343high7.8CVSS 2.0
AVNACLAuNCCINAN
EXPLOIT
EPSS
2.76%
84.4th percentile
Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
| accellion | secure_file_transfer_appliance | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Accellion Secure File Transfer Appliance 7 0 135 web_client_user_guide.html lang path traversal (EDB-33622 / XFDB-56246)
vuldb·2026-05-01·CVSS 7.8
CVE-2009-4645 [HIGH] Accellion Secure File Transfer Appliance 7 0 135 web_client_user_guide.html lang path traversal (EDB-33622 / XFDB-56246)
A vulnerability labeled as problematic has been found in Accellion Secure File Transfer Appliance 7 0 135. The impacted element is an unknown function of the file web_client_user_guide.html. The manipulation of the argument lang results in path traversal.
This vulnerability is cataloged as CVE-2009-4645. The attack may be launched remotely. Furthermore, there is an exploit available.
The affected component should be upgraded.
GHSA
GHSA-gq5c-v4hq-f57f: Directory traversal vulnerability in web_client_user_guide
ghsa_unreviewed·2022-05-02
CVE-2009-4645 [HIGH] CWE-22 GHSA-gq5c-v4hq-f57f: Directory traversal vulnerability in web_client_user_guide
Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/38538http://www.portcullis-security.com/340.phphttp://www.securityfocus.com/bid/38176https://exchange.xforce.ibmcloud.com/vulnerabilities/56246http://secunia.com/advisories/38538http://www.portcullis-security.com/340.phphttp://www.securityfocus.com/bid/38176https://exchange.xforce.ibmcloud.com/vulnerabilities/56246
2010-02-19
Published