CVE-2012-3380Path Traversal in Naxsi

CWE-22Path Traversal5 documents5 sources
Severity
2.1LOWNVD
EPSS
0.2%
top 62.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
F5 NginxWargio Naxsi
Timeline
PublishedAug 31
Latest updateMay 17

Description

Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDwargio/naxsi0.46
Debianf5/nginx< 1.2.1-2+3

Patches

Patch: code.google.comPatch: code.google.com

🔴Vulnerability Details

3
GHSA
GHSA-p669-548m-c7g3: Directory traversal vulnerability in naxsi-ui/nx_extract2022-05-17
CVEList
CVE-2012-3380: Directory traversal vulnerability in naxsi-ui/nx_extract2012-08-31
OSV
CVE-2012-3380: Directory traversal vulnerability in naxsi-ui/nx_extract2012-08-31

📋Vendor Advisories

1
Debian
CVE-2012-3380: nginx - Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module ...2012
CVE-2012-3380 — Path Traversal in Wargio Naxsi | cvebase