Directory Traversal Vulnerabilities in BarracudaDrive Web Server by Barracuda Networks
CVE-2007-6317

Currently unrated

Key Information:

Vendor: Real Time Logic
Status: Barracudadrive Web Server; Barracudadrive Web Server Home Server
Vendor: CVE Published:; 12 December 2007

🔔 Create Real Time Logic Vulnerability Alert

What is CVE-2007-6317?

BarracudaDrive Web Server versions prior to 3.8 are susceptible to multiple directory traversal vulnerabilities. These vulnerabilities allow remote attackers to read arbitrary files by exploiting '..' (dot dot) sequences in the URL path. Additionally, authenticated users can leverage these same sequences in the 'dir' parameter to delete or create files and directories arbitrarily within the system. This poses significant risks to sensitive data and system integrity, necessitating immediate updates to mitigate potential exploitation.

References

http://www.securityfocus.com/archive/1/484833/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/28032

third-party-advisoryx_refsource_SECUNIA

http://aluigi.altervista.org/adv/barradrive-adv.txt

x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Dec 11, 2007

CVE-2007-6317 Data

JSON