CVE-2006-5596

high

Description

Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.

References

https://www.exploit-db.com/exploits/2637

https://exchange.xforce.ibmcloud.com/vulnerabilities/29817

http://www.vupen.com/english/advisories/2006/4224

http://secunia.com/advisories/22550

Details

Source: Mitre, NVD

Published: 2006-10-28

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N