GCVE - cpe:2.3:a:kddi:ezfactory_download_cgi:1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kddi:ezfactory_download_cgi:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Kddi (`fa2f6817-694c-5bc9-a53d-5a5e6157f730`)
Product	Ezfactory Download Cgi (`eabba01b-a92b-50f4-9d04-adb1f1800e8b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-3692`	vulnerable	2026-06-08 04:49:54.577079	Details available Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter. Published: 2007-07-11T17:00:00.000Z Updated: 2024-08-07T14:28:51.547Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2007/2472 http://securitytracker.com/id?1018344 https://exchange.xforce.ibmcloud.com/vulnerabilities/35323 http://www.au.kddi.com/ezfactory/tec/dlcgi/info.html http://osvdb.org/38453	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.