CVE-2009-1730

critical

Description

Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/50574

http://www.securityfocus.com/bid/35002

http://www.princeofnigeria.org/blogs/index.php/2009/05/17/netdecision-tftp-server-4-2-tftp-directo?blog=1

http://secunia.com/advisories/35131

Details

Source: Mitre, NVD

Published: 2009-05-20

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.5451