CVE-2016-0754
published 2016-01-29CVE-2016-0754: cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file…
PriorityP428medium5.3CVSS 3.0
AVNACLPRNUINSUCNILAN
EPSS
0.35%
58.0th percentile
cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | curl | — | — |
| haxx | curl | <= 7.46.0 | — |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
vendor_debian5.3LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p8rx-wpgr-v4vx: cURL before 7
ghsa_unreviewed·2022-05-17
CVE-2016-0754 [MEDIUM] CWE-20 GHSA-p8rx-wpgr-v4vx: cURL before 7
cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.
Debian
CVE-2016-0754: curl - cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in th...
vendor_debian·2016·CVSS 5.3
CVE-2016-0754 [MEDIUM] CVE-2016-0754: curl - cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in th...
cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2016-01-29
Published