CVE-2013-5554 – Cisco WAAS Mobile Server ReportReceiver CAB Processing Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-5554

Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile before 3.5.5 allows remote attackers to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773. Vulnerabilidad de salto de directorio en la interfaz web-management en el servidor de Cisco Wide Area Application Services (WAAS) Mobile anterior a la versión 3.5.5 permite a atacantes remotos subir y ejecutar archivos arbitrarios a través de peticiones POST manipuladas, también conocido como Bug ID CSCuh69773. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CISCO WAAS Mobile Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CAB files uploaded through ReportReceiver. By uploading a crafted CAB file, an attacker is able to add a hostile web page to the web server. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-waasm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •