- Description
- Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avirt:avirt_gateway_suite:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E44ECB72-BA5B-4BB4-86C7-2FF9F285229B"
}
],
"operator": "OR"
}
]
}
]