CVE-2007-4062

Nessus Vulnerability Scanner <3.0.6 - Path Traversal

Title source: llm

Description

The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via unspecified vectors involving the deleteNessusRC method, probably a directory traversal vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED

by h07 · htmlremotewindows

https://www.exploit-db.com/exploits/4237

View Code ZIP pw:eip

References (4)

[Patch] http://www.nessus.org/news/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/35641

[Exploit, Patch, Vendor Advisory] http://secunia.com/advisories/26243

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/25088

Scores

EPSS 0.0441

EPSS Percentile 89.0%

Details

CWE

CWE-22

Status published

Products (1)

nessus/vulnerability_scanner 3.0.6

Published Jul 30, 2007

Tracked Since Feb 18, 2026