Source Code Exposure in BarracudaDrive Web Server
CVE-2007-6314

Currently unrated

Key Information:

Vendor: Real Time Logic
Status: Barracudadrive Web Server; Barracudadrive Web Server Home Server
Vendor: CVE Published:; 12 December 2007

🔔 Create Real Time Logic Vulnerability Alert

What is CVE-2007-6314?

The BarracudaDrive Web Server prior to version 3.8 is vulnerable to a source code disclosure attack, whereby remote attackers can exploit the server by appending special characters to the file name in a URL, such as a plus sign (+), dot (.), or the URL-encoded %80. This flaw allows unauthorized access to sensitive web scripts, potentially leading to further exploitation and security breaches.

References

http://www.securityfocus.com/archive/1/484833/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/38972

vdb-entryx_refsource_XF

http://secunia.com/advisories/28032

third-party-advisoryx_refsource_SECUNIA

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Dec 11, 2007

CVE-2007-6314 Data

JSON