CVE-2010-3460

Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
gecadaxigen_mail_server
𝑥
≤ 7.4.1
gecadaxigen_mail_server
-
gecadaxigen_mail_server
1.0.1
gecadaxigen_mail_server
1.0.2
gecadaxigen_mail_server
1.0.5
gecadaxigen_mail_server
1.0.6
gecadaxigen_mail_server
1.0.7
gecadaxigen_mail_server
1.1.0
gecadaxigen_mail_server
1.1.0:beta1
gecadaxigen_mail_server
1.1.1
gecadaxigen_mail_server
1.2.0
gecadaxigen_mail_server
1.2.0:beta
gecadaxigen_mail_server
1.2.3
gecadaxigen_mail_server
1.2.4
gecadaxigen_mail_server
1.2.5
gecadaxigen_mail_server
1.2.5:b
gecadaxigen_mail_server
1.2.6
gecadaxigen_mail_server
2.0
gecadaxigen_mail_server
2.0.3
gecadaxigen_mail_server
2.0.4
gecadaxigen_mail_server
2.0.5
gecadaxigen_mail_server
3.0
gecadaxigen_mail_server
3.0:beta
gecadaxigen_mail_server
3.0.1
gecadaxigen_mail_server
4.0
gecadaxigen_mail_server
4.0:beta
gecadaxigen_mail_server
4.0.1
gecadaxigen_mail_server
4.0.2
gecadaxigen_mail_server
5.0
gecadaxigen_mail_server
5.0:beta
gecadaxigen_mail_server
5.0.1
gecadaxigen_mail_server
5.0.2
gecadaxigen_mail_server
5.0.3
gecadaxigen_mail_server
6.0.1
gecadaxigen_mail_server
6.1
gecadaxigen_mail_server
6.1:beta
gecadaxigen_mail_server
6.2
gecadaxigen_mail_server
6.2.2
gecadaxigen_mail_server
7.0
gecadaxigen_mail_server
7.0:beta
gecadaxigen_mail_server
7.1
gecadaxigen_mail_server
7.1.1
gecadaxigen_mail_server
7.1.2
gecadaxigen_mail_server
7.1.3
gecadaxigen_mail_server
7.1.4
gecadaxigen_mail_server
7.2
gecadaxigen_mail_server
7.2:beta
gecadaxigen_mail_server
7.2.1
gecadaxigen_mail_server
7.3
gecadaxigen_mail_server
7.3:beta
gecadaxigen_mail_server
7.3.1
gecadaxigen_mail_server
7.3.2
gecadaxigen_mail_server
7.3.3
gecadaxigen_mail_server
7.4
gecadaxigen_mail_server
7.4:beta
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.org/1009-exploits/axigen741-traversal.txt
http://secunia.com/advisories/41430
http://www.acunetix.com/blog/news/directory-traversal-axigen/
http://www.axigen.com/press/product-releases/axigen-releases-version-742_74.html
http://www.osvdb.org/68027
http://www.securityfocus.com/bid/43230
http://www.vupen.com/english/advisories/2010/2415
https://exchange.xforce.ibmcloud.com/vulnerabilities/61826
http://packetstormsecurity.org/1009-exploits/axigen741-traversal.txt
http://secunia.com/advisories/41430
http://www.acunetix.com/blog/news/directory-traversal-axigen/
http://www.axigen.com/press/product-releases/axigen-releases-version-742_74.html
http://www.osvdb.org/68027
http://www.securityfocus.com/bid/43230
http://www.vupen.com/english/advisories/2010/2415
https://exchange.xforce.ibmcloud.com/vulnerabilities/61826