Remote File Access Vulnerability in BlackBerry Link Software
CVE-2013-3694

Currently unrated

Key Information:

Vendor: Blackberry
Status: Blackberry Link
Vendor: CVE Published:; 18 November 2013

What is CVE-2013-3694?

The BlackBerry Link software prior to specific versions exposes a vulnerability that does not mandate authentication for remote file-access folders. This flaw allows remote attackers to exploit the system through IPv6 WebDAV requests, potentially enabling them to read or create arbitrary files. Attackers may utilize techniques such as CSRF combined with DNS rebinding to manipulate these requests, posing significant security risks to users' data.

References

http://blog.cmpxchg8b.com/2013/11/qnx.html

x_refsource_MISC

http://www.blackberry.com/btsc/KB35315

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 18, 2013

Blackberry

What is CVE-2013-3694?

References

Timeline