Details of VAR-201006-0378

ID

VAR-201006-0378

CVE

CVE-2010-2307

TITLE

Motorola SBV6120E SURFboard Digital Voice Modem Directory Traversal Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2010-1043 // BID: 40550

DESCRIPTION

Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request. Motorola SBV6120E SURFboard Digital Voice Modem is a data audio modem. Motorola SBV6120E SURFboard Digital Voice Modem incorrectly filters user-submitted URI requests, and remote attackers can exploit the vulnerability to view system file content with WEB permissions. Exploiting this issue can allow an attacker to obtain sensitive information that may aid in further attacks. ---------------------------------------------------------------------- Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management Free webinars http://secunia.com/vulnerability_scanning/corporate/webinars/ ---------------------------------------------------------------------- TITLE: Motorola SURFBoard SBV6120E Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA40054 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40054/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40054 RELEASE DATE: 2010-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/40054/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/40054/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=40054 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Motorola SURFBoard SBV6120E, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error when handling certain HTTP requests. This can be exploited to e.g. The vulnerability is reported in firmware version SBV6X2X-1.0.0.5-SCM-02-SHPC. Other versions may also be affected. SOLUTION: Filter malicious requests using a proxy. PROVIDED AND/OR DISCOVERED BY: S2 Crew ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/12865/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2010-2307 // JVNDB: JVNDB-2010-004879 // CNVD: CNVD-2010-1043 // BID: 40550 // VULMON: CVE-2010-2307 // PACKETSTORM: 90458

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2010-1043

AFFECTED PRODUCTS

vendor:	motorola	model:	surfboard sbv6120e	scope:	eq	version:	sbv6x2x-1.0.0.5-scm-02-shpc	Trust: 2.4
vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	motorola	model:	sbv6120e surfboard digital voice modem sbv6x2x-1.0.0.5-scm-	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2010-1043 // BID: 40550 // JVNDB: JVNDB-2010-004879 // CNNVD: CNNVD-201006-273 // NVD: CVE-2010-2307

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-2307
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2010-2307
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201006-273
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2010-2307
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2010-2307
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

sources: VULMON: CVE-2010-2307 // JVNDB: JVNDB-2010-004879 // CNNVD: CNNVD-201006-273 // NVD: CVE-2010-2307

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2010-004879 // NVD: CVE-2010-2307

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201006-273

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201006-273

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-004879

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2010-2307

PATCH

title:	Top Page	url:	http://www.motorola.com/us/consumers/home	Trust: 0.8
title:	Kenzer Templates [5170] [DEPRECATED]	url:	https://github.com/ARPSyndicate/kenzer-templates	Trust: 0.1

sources: VULMON: CVE-2010-2307 // JVNDB: JVNDB-2010-004879

EXTERNAL IDS

db:	NVD	id:	CVE-2010-2307	Trust: 2.8
db:	BID	id:	40550	Trust: 2.6
db:	SECUNIA	id:	40054	Trust: 1.9
db:	EXPLOIT-DB	id:	12865	Trust: 1.8
db:	OSVDB	id:	65249	Trust: 1.7
db:	JVNDB	id:	JVNDB-2010-004879	Trust: 0.8
db:	CNVD	id:	CNVD-2010-1043	Trust: 0.6
db:	XF	id:	59113	Trust: 0.6
db:	CNNVD	id:	CNNVD-201006-273	Trust: 0.6
db:	VULMON	id:	CVE-2010-2307	Trust: 0.1
db:	PACKETSTORM	id:	90458	Trust: 0.1

sources: CNVD: CNVD-2010-1043 // VULMON: CVE-2010-2307 // BID: 40550 // JVNDB: JVNDB-2010-004879 // PACKETSTORM: 90458 // CNNVD: CNNVD-201006-273 // NVD: CVE-2010-2307

REFERENCES

url:	http://www.securityfocus.com/bid/40550	Trust: 2.3
url:	http://www.osvdb.org/65249	Trust: 1.7
url:	http://www.exploit-db.com/exploits/12865	Trust: 1.7
url:	http://secunia.com/advisories/40054	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/59113	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2307	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2307	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/59113	Trust: 0.6
url:	http://www.motorola.com/business/us-en/business+product+and+services/cable+broadband/surfboard+modems+and+gateways/sbv6120e+digital+voice+modem_us-en	Trust: 0.3
url:	https://www.exploit-db.com/exploits/12865/	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/22.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/arpsyndicate/kenzer-templates	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=40054	Trust: 0.1
url:	http://secunia.com/products/corporate/evm/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/webinars/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/40054/	Trust: 0.1
url:	http://secunia.com/advisories/40054/#comments	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2010-1043 // VULMON: CVE-2010-2307 // BID: 40550 // JVNDB: JVNDB-2010-004879 // PACKETSTORM: 90458 // CNNVD: CNNVD-201006-273 // NVD: CVE-2010-2307

CREDITS

S2 Crew

Trust: 0.9

sources: BID: 40550 // CNNVD: CNNVD-201006-273

SOURCES

db:	CNVD	id:	CNVD-2010-1043
db:	VULMON	id:	CVE-2010-2307
db:	BID	id:	40550
db:	JVNDB	id:	JVNDB-2010-004879
db:	PACKETSTORM	id:	90458
db:	CNNVD	id:	CNNVD-201006-273
db:	NVD	id:	CVE-2010-2307

LAST UPDATE DATE

2025-04-11T23:19:06.023000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2010-1043	date:	2010-06-04T00:00:00
db:	VULMON	id:	CVE-2010-2307	date:	2017-08-17T00:00:00
db:	BID	id:	40550	date:	2015-04-13T21:02:00
db:	JVNDB	id:	JVNDB-2010-004879	date:	2012-09-25T00:00:00
db:	CNNVD	id:	CNNVD-201006-273	date:	2010-06-21T00:00:00
db:	NVD	id:	CVE-2010-2307	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2010-1043	date:	2010-06-04T00:00:00
db:	VULMON	id:	CVE-2010-2307	date:	2010-06-16T00:00:00
db:	BID	id:	40550	date:	2010-06-03T00:00:00
db:	JVNDB	id:	JVNDB-2010-004879	date:	2012-09-25T00:00:00
db:	PACKETSTORM	id:	90458	date:	2010-06-09T09:04:42
db:	CNNVD	id:	CNNVD-201006-273	date:	2010-06-18T00:00:00
db:	NVD	id:	CVE-2010-2307	date:	2010-06-16T20:30:02.717