Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ContentKeeper Web Appliance < 125.10 Arbitrary File Access via mimencode
Vulnerability Description
ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot.
CVSS Information
N/A
Vulnerability Type
对外部实体的文件或目录可访问
Vulnerability Title
ContentKeeper Web Appliance 安全漏洞
Vulnerability Description
ContentKeeper Web Appliance是澳大利亚ContentKeeper公司的一个网络内容过滤与安全网关设备。 ContentKeeper Web Appliance 125.10之前版本存在安全漏洞,该漏洞源于CGI端点暴露mimencode二进制文件,可能导致未经验证的攻击者从文件系统检索任意文件。
CVSS Information
N/A
Vulnerability Type
N/A