Description
Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile before 3.5.5 allows remote attackers to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-waasm
Scores
EPSS
0.0202
EPSS Percentile
78.6%
Details
CWE
CWE-22
Status
published
Products (10)
cisco/wide_area_application_services_mobile
3.3.1
cisco/wide_area_application_services_mobile
3.3.4
cisco/wide_area_application_services_mobile
3.4
cisco/wide_area_application_services_mobile
3.4.1
cisco/wide_area_application_services_mobile
3.4.2
cisco/wide_area_application_services_mobile
3.5.0
cisco/wide_area_application_services_mobile
3.5.1
cisco/wide_area_application_services_mobile
3.5.2
cisco/wide_area_application_services_mobile
3.5.3
cisco/wide_area_application_services_mobile
< 3.5.4
Published
Nov 08, 2013
Tracked Since
Feb 18, 2026