1. Home
  2. CVE Database
  3. CVE-2014-2626
HIGH · 9.4

CVE-2014-2626

Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute ...

Vulnerability Description

Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.

CVSS Score

9.4

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:N
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
NONE

Affected Products

VendorProductVersions
HpNetwork Virtualization8.6

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2014-2626?

CVE-2014-2626 is a vulnerability with a CVSS score of 9.4 (HIGH). Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute ...

How severe is CVE-2014-2626?

CVE-2014-2626 has been rated HIGH with a CVSS base score of 9.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-2626?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Network Virtualization.