📦

vulnerability_scanner

Vendor: nessus

Actively Exploited 0 CISA KEV List

PoC / Exploits 3 Code Available

Total RCEs 0 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 7.66% Exploit Prob.

Latest CVE CVE-2007-4061 Jul 30

Security Vulnerability Index

Page 1 / 1

9.3 CVSS

CVE-2007-4061

Exploit Found

Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. NOTE: this can be leveraged for code execution by writing to a Startup folder.

EPSS: 11.00%

Severity: HIGH

Jul 30, 2007

7.8 CVSS

CVE-2007-4062

Exploit Found

The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via unspecified vectors involving the deleteNessusRC method, probably a directory traversal vulnerability.

EPSS: 4.41%

Severity: HIGH

Jul 30, 2007

7.8 CVSS

CVE-2007-4031

Exploit Found

Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via a .. (dot dot) in the argument to the deleteReport method, probably related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll.

EPSS: 7.58%

Severity: HIGH

Jul 27, 2007

Displaying 3 of 3 Total Entries

Total 1 Sections