Directory Traversal Flaws in Bitdefender GravityZone by Bitdefender
CVE-2014-5350

Currently unrated

Key Information:

Vendor: Bitdefender
Status: Gravityzone
Vendor: CVE Published:; 19 August 2014

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2014-5350?

Multiple directory traversal vulnerabilities exist in Bitdefender GravityZone prior to version 5.1.11.432, which allow remote attackers to exploit these flaws and read arbitrary files. These vulnerabilities can be triggered by specific manipulations of the 'id' parameter in the web console or through the default URI on the Update Server, posing a significant risk of unauthorized access to sensitive information.

References

https://www.sec-consult.com/fxdata/seccons/prod/temedia/a...

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Jul/78

mailing-listx_refsource_FULLDISC

http://www.bitdefender.com/support/how-to-configure-iptab...

x_refsource_CONFIRM

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 19, 2014