Sign-up

ID

VAR-201706-1142


TITLE

Arborcom Application Gateway Has Arbitrary File Traversal Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2017-05897

DESCRIPTION

Ambowtone Application Gateway is an inter-network device developed by Beijing Ableton Technology Co., Ltd. to connect one network with another network to provide specific applications. Ambient Application Gateway has an arbitrary file traversal vulnerability. Attackers use user-controllable data to access files and directories located in the reference server or its back-end file system in a dangerous manner, leading to a path traversal vulnerability.

Trust: 0.6

sources: CNVD: CNVD-2017-05897

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-05897

AFFECTED PRODUCTS

vendor:anbotongmodel:application gatewayscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2017-05897

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2017-05897
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2017-05897
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2017-05897

PATCH

title:Arborcom Application Gateway Has Arbitrary File Traversal Vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/93095

Trust: 0.6

sources: CNVD: CNVD-2017-05897

EXTERNAL IDS

db:CNVDid:CNVD-2017-05897

Trust: 0.6

sources: CNVD: CNVD-2017-05897

SOURCES

db:CNVDid:CNVD-2017-05897

LAST UPDATE DATE

2022-05-04T09:34:11.779000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-05897date:2017-05-08T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2017-05897date:2017-06-13T00:00:00