CVE-2010-0620

EMC Homebase Server - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17219

View Code ZIP pw:eip

References (5)

[Third Party Advisory] http://securityreason.com/securityalert/8230

[Exploit] http://www.securityfocus.com/bid/38380

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/509723/100/0/threaded

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/0458

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-10-020/

Scores

EPSS 0.0386

EPSS Percentile 88.2%

Details

CWE

CWE-22

Status published

Products (2)

emc/homebase_server 6.2

emc/homebase_server 6.3

Published Feb 25, 2010

Tracked Since Feb 18, 2026