关键漏洞信息 CVE Identifier CVE-2006-5947 CVSS Scores CVSS 1.0 Base Score: 7 - Access Vector: Remote - Access Complexity: Low - Authentication: Not Required - Confidentiality Impact: Partial - Integrity Impact: Partial - Availability Impact: Partial CVSS 1.0 Temporal Score: 5.7 - Exploitability: Unproven - Remediation Level: Unavailable - Report Confidence: Uncorroborated Vulnerability Details By providing malicious data to the Web server login page using specially-crafted argument containing "dot dot" directory traversal sequences (../), an attacker can traverse directories and list or download files or directories outside the FTP Web root directory. Consequences Gain Access Remedy No remedy available as of September 1, 2014. Affected Products Conxint Conxint FTP server 2.2.0603 and prior References BID-21081 CVE-2006-5947 Conxint Web site SA22893