📦

securityreporter

Vendor: securecomputing

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.73% Exploit Prob.

Latest CVE CVE-2007-4043 Jul 27

Security Vulnerability Index

Page 1 / 1

9.8 CVSS

CVE-2007-4043

file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files.

EPSS: 0.36%

Severity: CRITICAL

Jul 27, 2007

5.0 CVSS

CVE-2007-3985

Directory traversal vulnerability in file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) 4.6.3 allows remote attackers to download arbitrary files via a .. (dot dot) in the name parameter.

EPSS: 1.01%

Severity: MEDIUM

Jul 25, 2007

5.0 CVSS

CVE-2007-3986

file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) 4.6.3 allows remote attackers to bypass authentication via a name parameter that specifies the eventcache directory and a non-GIF file, which causes the $dontvalidate variable to be set to true. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files.

EPSS: 0.83%

Severity: MEDIUM

Jul 25, 2007

Displaying 3 of 3 Total Entries

Total 1 Sections