Arbitrary File Upload Vulnerability in Cisco Emergency Responder
CVE-2015-6407

Currently unrated

Key Information:

Vendor: Cisco
Status: Emergency Responder
Vendor: CVE Published:; 13 December 2015

What is CVE-2015-6407?

A vulnerability exists in Cisco Emergency Responder 10.5(3.10000.9) that allows a remote attacker to upload files to arbitrary locations on the server. This issue is triggered through a crafted parameter, potentially leading to unauthorized access and manipulation of the system. Protecting against this vulnerability requires immediate patching and monitoring of file upload functionalities to prevent exploitation.

References

http://www.securitytracker.com/id/1034383

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/78817

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2015
Vulnerability Reserved
Aug 17, 2015