Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2012-2627
HistoryJul 31, 2012 - 10:45 a.m.

CVE-2012-2627

2012-07-3110:45:41
mitre
web.nvd.nist.gov
27
cve-2012-2627
plixer scrutinizer
dell sonicwall scrutinizer
remote attack
arbitrary files
vulnerability

CVSS2

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.009

Percentile

82.6%

JSON

d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote attackers to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.

Affected configurations

Nvd
Node
sonicwallscrutinizerRange<9.5.0
VendorProductVersionCPE
sonicwallscrutinizer*cpe:2.3:a:sonicwall:scrutinizer:*:*:*:*:*:*:*:*

Related

nvd 1
prion 1
exploitdb 1
cvelist 1
openvas 1
nessus 1
securityvulns 2
zdt 1
packetstorm 1
nvd
nvd
CVE-2012-2627
2012-07-31 10:45:41
prion
prion
Cross site request forgery (csrf)
2012-07-31 10:45:00
exploitdb
exploitdb
Scrutinizer 9.0.1.19899 - Arbitrary File Upload
2012-07-30 00:00:00
cvelist
cvelist
CVE-2012-2627
2012-07-31 10:00:00
openvas
openvas
Scrutinizer Arbitrary File Upload Vulnerability
2012-08-02 00:00:00
nessus
nessus
Scrutinizer < 9.5.2 Multiple Vulnerabilities
2012-08-23 00:00:00
securityvulns
securityvulns
TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow &amp; sFlow Analyzer
2012-09-03 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2012-09-03 00:00:00
zdt
zdt
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
2012-07-30 00:00:00
packetstorm
packetstorm
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
2012-07-29 00:00:00

CVSS2

9.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.009

Percentile

82.6%

JSON
Related for CVE-2012-2627
nvd1prion1exploitdb1cvelist1openvas1nessus1securityvulns2zdt1packetstorm1