CVE-2022-22836 CoreFTP Server 727 allows directory traversal via ../ in an HTTP PUT request.

CVE-2022-22836 CoreFTP Server 727 allows directory traversal via ../ in an HTTP PUT request.

An attacker can exploit this issue by creating a malicious directory with a crafted name, such as ../../../../../../../../etc/passwd. A successful exploit can allow an attacker to create arbitrary files on the server. This issue has been assigned the identifier CVE-2018-5407. Cisco has assigned the following mitigations for this issue: Do not allow directory traversal operators (..) in URLs.

Disable directory traversal for any APIs that might allow it, such as cURL and Python.

Disable chmod on critical system files (e.g., /etc/passwd).

Disable file creation via uuencode or similar utilities.

Disable ftp:// URIs.

Disable ftps:// URIs.

Disable ftps transfer via SSL.

Disable ftps transfer via FTP over TLS. Cisco supports the following mitigations for this issue: Restrict access to the filesystem via SFTP or FTPS.

Enable chmod on critical system files (e.g., /etc/passwd).

CVE-2018-5713 A vulnerability in the Web interface of Cisco AnyConnect Secure Mobility Client before 4.8 allows remote attackers to perform unauthorized actions via crafted HTTP requests. The vulnerability exists because the application does not properly restrict requests. An attacker can exploit this vulnerability by sending an HTTP request to the targeted system. Cisco has assigned the following vulnerability identifier: CVE-2018-57

#Summary br aggarts


An attacker can exploit this vulnerability by sending an HTTP request to the targeted system.

Overview of Vulnerability

Cisco has assigned the following vulnerability identifier to this issue: CVE-2018-5713. This vulnerability is also known as a cookie injection vulnerability. An attacker can exploit this issue by sending an HTTP request to the targeted system. When the targeted system processes the HTTP request, it unnecessarily generates a cookie and sends that cookie back to the attacker. An attacker can use this information to perform unauthorized actions on the targeted system, such as uploading files or accessing data without authorization. Cisco has assigned the following mitigations for this issue: Restrict access to the filesystem via SFTP or FTPS.
Cisco supports the following mitigations for this issue: Restrict access to the filesystem via SFTP or FTPS.

Description of the vulnerability

A vulnerability in the Web interface of Cisco AnyConnect Secure Mobility Client before 4.8 allows remote attackers to perform unauthorized actions via crafted HTTP requests. The vulnerability exists because the application does not properly restrict requests. An attacker can exploit this vulnerability by sending an HTTP request to the targeted system.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe