Path Traversal Vulnerability in Netgear SPH200D Skype Phone Firmware
CVE-2013-10063
Key Information:
Badges
What is CVE-2013-10063?
A path traversal vulnerability identified in the firmware of the Netgear SPH200D Skype phone allows authenticated attackers to craft specific GET requests to manipulate the system. By injecting traversal sequences, these attackers can access files outside the web root of the embedded web server. This exploitation can lead to exposure of sensitive system files and configuration settings, potentially compromising the integrity and confidentiality of the device's data.
Affected Version(s)
SPH200D * <= 1.0.4.80
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved