CVE-2009-1730

{"id": "CVE-2009-1730", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-05-20T18:30:00.377", "references": [{"url": "http://secunia.com/advisories/35131", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.princeofnigeria.org/blogs/index.php/2009/05/17/netdecision-tftp-server-4-2-tftp-directo?blog=1", "tags": ["URL Repurposed"], "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/35002", "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50574", "source": "[email protected]"}, {"url": "http://secunia.com/advisories/35131", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.princeofnigeria.org/blogs/index.php/2009/05/17/netdecision-tftp-server-4-2-tftp-directo?blog=1", "tags": ["URL Repurposed"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/35002", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50574", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de salto de directorio en NetMechanica NetDecision TFTP Server v4.2, permite a los atacantes remotos leer o modificar arbitrariamente archivos a trav\u00e9s de una secuencia de salto de directorio en el comandos (1) GET o (2) PUT"}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netmechanica:netdecision_tftp_server:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78134BCD-15B2-42AF-8629-F684465915A9"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}