Directory Traversal Vulnerabilities in Motorola SURFBoard Cable Modem
CVE-2010-2307

Currently unrated

Key Information:

Vendor: Motorola
Status: Surfboard Sbv6120e
Vendor: CVE Published:; 16 June 2010

Summary

The web server in the Motorola SURFBoard SBV6120E cable modem exposes multiple directory traversal vulnerabilities. Attackers can exploit these weaknesses by crafting URLs that utilize multiple leading slashes ('//') or dot-dot sequences ('../'), allowing them to read arbitrary files on the affected system. This can lead to sensitive information leakage and unauthorized access to files, posing a significant risk if not mitigated.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/59113

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/40550

vdb-entryx_refsource_BID

http://www.exploit-db.com/exploits/12865

exploitx_refsource_EXPLOIT-DB

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 16, 2010
Vulnerability Reserved
Jun 16, 2010