CVE-1999-1051

MEDIUM

—CVSS v3

5.0CVSS v2

0.76% EPSS (exploit probability)

—CWE

Description

Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE