file.cgi in Secure Computing SecurityReporter (aka... · CVE-2007-4043 · GitHub Advisory Database · GitHub

file.cgi in Secure Computing SecurityReporter (aka...

Moderate severity Unreviewed Published May 1, 2022 to the GitHub Advisory Database • Updated Apr 3, 2025

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files.

References

Published by the National Vulnerability Database

Jul 27, 2007

Published to the GitHub Advisory Database May 1, 2022

Last updated Apr 3, 2025