ByteOS Network

NVD Vulnerability Details :

CVE-2008-4050

Modified

Source-cve@mitre.org

Published At-11 Sep, 2008 | 21:06

Updated At-29 Sep, 2017 | 01:31

A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryValue method, and (2) read arbitrary files via the GetTextFile method.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 9.3

Base severity: HIGH

Vector:

AV:N/AC:M/Au:N/C:C/I:C/A:C

CPE Matches

friendly_technologies>>friendly_pppoe_client>>3.0.0.57

cpe:2.3:a:friendly_technologies:friendly_pppoe_client:3.0.0.57:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-20	Primary	nvd@nist.gov

CWE ID: CWE-20

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://secunia.com/advisories/31644	cve@mitre.org	Vendor Advisory
http://securityreason.com/securityalert/4244	cve@mitre.org	N/A
http://www.securityfocus.com/bid/30939	cve@mitre.org	N/A
http://www.securityfocus.com/bid/30940	cve@mitre.org	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/44787	cve@mitre.org	N/A
https://www.exploit-db.com/exploits/6334	cve@mitre.org	N/A