Home

Description

APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like /etc/passwd by using encoded path traversal characters in HTTP requests.

PUBLISHED Reserved 2025-12-11 | Published 2025-12-11 | Updated 2025-12-16 | Assigner VulnCheck




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status
unaffected

4
affected

Credits

Víctor García finder

References

www.exploit-db.com/exploits/51897 (ExploitDB-51897) exploit

www.apc.com/ (Official Product Homepage) product

www.vulncheck.com/...-path-traversal-via-directory-traversal (VulnCheck Advisory: APC Network Management Card 4 Path Traversal) third-party-advisory

cve.org (CVE-2024-58310)

nvd.nist.gov (CVE-2024-58310)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.