CVSS: 9.8EPSS: 16%CPEs: 10EXPL: 0CVE-2013-5554 – Cisco WAAS Mobile Server ReportReceiver CAB Processing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-5554
08 Nov 2013 — Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile before 3.5.5 allows remote attackers to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773. Vulnerabilidad de salto de directorio en la interfaz web-management en el servidor de Cisco Wide Area Application Services (WAAS) Mobile anterior a la versión 3.5.5 permite a atacantes remotos subir y ejecutar archivos arbitrarios a través de peticione... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-waasm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •