CVE-2010-2271
Accoria Rock Web Server 1.4.7 - Remote Format String Injection via authcfg.cgi Password File Parameter
Title source: llmDescription
Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to have an unspecified impact via format string specifiers in the path (aka Password File) parameter.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://www.ioactive.com/pdfs/AccoriaWebServer.pdf
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/245081
Scores
EPSS
0.0141
EPSS Percentile
69.1%
Details
CWE
CWE-134
Status
published
Products (1)
accoria/rock_web_server
1.4.7
Published
Jun 15, 2010
Tracked Since
Feb 18, 2026