Vulnerability CVE-2018-8770


Published: 2018-03-18

Description:
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php in tests/.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Cobub Razor 0.8.0 Path Disclosure
Kyhvedn
22.04.2018

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Westernbridgegroup -> Razor 

 References:
https://github.com/Kyhvedn/CVE_Description/blob/master/Cobub_Razor_0.8.0_more_physical_path_leakage.md
https://www.exploit-db.com/exploits/44495/

Copyright 2024, cxsecurity.com

 

Back to Top