CVE-2010-2307

NUCLEI

Motorola Surfboard Sbv6120e - Path Traversal

Title source: rule

Description

Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.

Exploits (1)

exploitdb WORKING POC

by S2 Crew · textremotehardware

https://www.exploit-db.com/exploits/12865

View Code ZIP pw:eip

Nuclei Templates (1)

Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal

MEDIUMby daffainfo

References (5)

[Vendor Advisory] http://secunia.com/advisories/40054

[Exploit] http://www.exploit-db.com/exploits/12865

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/59113

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/40550

[Third Party Advisory, VDB Entry] http://www.osvdb.org/65249

Scores

EPSS 0.0285

EPSS Percentile 86.3%

Details

CWE

CWE-22

Status published

Products (1)

motorola/surfboard_sbv6120e sbv6x2x-1.0.0.5-scm-02-shpc

Published Jun 16, 2010

Tracked Since Feb 18, 2026