What is the severity of CVE-2014-10073?

CVE-2014-10073 is considered a medium severity vulnerability due to its exploitation potential for directory traversal.

How do I fix CVE-2014-10073?

To fix CVE-2014-10073, upgrade Psensor to version 1.1.4 or later, which addresses the directory traversal issue.

What systems are affected by CVE-2014-10073?

CVE-2014-10073 affects Psensor versions prior to 1.1.4 and Debian GNU/Linux version 7.0.

Can CVE-2014-10073 lead to unauthorized access?

Yes, CVE-2014-10073 can potentially allow unauthorized access to files outside the intended webserver directory.

What is the root cause of CVE-2014-10073?

The root cause of CVE-2014-10073 is the lack of validation in the create_response function that allows directory traversal.

Vulnerability/
CVE-2014-10073

high

7.5

CWE

20/4/2018

6/8/2024

CVE-2014-10073: Path Traversal

First published: Fri Apr 20 2018(Updated: )

The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Psensor	<1.1.4
Debian GNU/Linux	=7.0

Remedy

http://git.wpitchoune.net/gitweb/?p=psensor.git;a=commit;h=48739caa745f9f8002e87af574f03e5dc6ae3447

Remedy

http://git.wpitchoune.net/gitweb/?p=psensor.git;a=commit;h=8b10426dcc0246c1712a99460dd470dcb1cc4d9c

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-10073?
CVE-2014-10073 is considered a medium severity vulnerability due to its exploitation potential for directory traversal.
How do I fix CVE-2014-10073?
To fix CVE-2014-10073, upgrade Psensor to version 1.1.4 or later, which addresses the directory traversal issue.
What systems are affected by CVE-2014-10073?
CVE-2014-10073 affects Psensor versions prior to 1.1.4 and Debian GNU/Linux version 7.0.
Can CVE-2014-10073 lead to unauthorized access?
Yes, CVE-2014-10073 can potentially allow unauthorized access to files outside the intended webserver directory.
What is the root cause of CVE-2014-10073?
The root cause of CVE-2014-10073 is the lack of validation in the create_response function that allows directory traversal.

agent/remedy
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/severity
agent/author
agent/weakness
agent/event
agent/first-publish-date
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/wpitchoune
canonical/psensor
vendor/debian
canonical/debian gnu/linux
version/debian gnu/linux/7.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.