Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-0888

EPSS 6.95% · P91
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-0888

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) sequences in the pathname argument to an FTP (1) GET or (2) PUT command.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Kiwi CatTools TFTP目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Kiwi CatTools是一个管理网络设备如路由器、交换机与防火墙的工具。 CatTools TFTP服务器处理请求时存在输入验证漏洞,远程攻击者可能利用此漏洞遍历服务器目录访问任意文件。 CatTools TFTP服务器没有正确检查请求文件路径中的目录遍历串,允许远程攻击者通过特制的目录遍历序列向TFTP根目录以外的任意位置上传或下载任意文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-0888

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-0888

Please Login to view more intelligence information

Same Patch Batch · n/a · 2007-02-12 · 44 CVEs total

CVE-2007-0875mcRefer SQL注入漏洞
CVE-2006-6998Headstart Solutions DeskPRO 'loader_help.php'信息泄露漏洞
CVE-2007-0877March Networks DVR 3000和4000 Digital Video Recorders未明漏洞
CVE-2006-6999Headstart Solutions DeskPRO 'attachment.php'任意文件读取漏洞
CVE-2006-6993Neuron Blog 'pages/addcomment2.php'SQL注入漏洞
CVE-2006-6994OzzyWork Gallery add.asp无限制文件上传漏洞
CVE-2006-6995V3 Chat mycontacts.php权限提升漏洞
CVE-2006-6996warforge.NEWS 多个跨站脚本攻击漏洞
CVE-2006-6997MailEnable Standard Edition密码特征未明漏洞
CVE-2005-4828Kolab Server本地漏洞
CVE-2007-0876Qdig QWD 高级URI跨站脚本攻击漏洞
CVE-2007-0874Allons_voter 多个认证绕过漏洞
CVE-2007-0873Nabopoll survey.inc.php远程文件包含漏洞
CVE-2007-0872Mozilla Firefox Plain Old Webserver (POW) 附加装置目录遍历漏洞
CVE-2007-0871eXtremePow eXtreme File Hosting无限制文件上传漏洞
CVE-2006-7002Wheatblog (wB) 'add_comment.php' 跨站脚本攻击漏洞
CVE-2006-7001PhpMyChat Plus 'avatar.php'目录遍历漏洞
CVE-2007-0885Rainbow 'BrowseProject.jsp'跨站脚本攻击漏洞
CVE-2007-0884Roaring Penguin Software MIMEDefang远程缓冲区溢出漏洞
CVE-2007-0883IP3 NetAccess远程目录遍历漏洞

Showing top 20 of 44 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-0888

No comments yet

Leave a comment