ByteOS Network

NVD Vulnerability Details :

CVE-2013-3922

Modified

Source-cve@mitre.org

Published At-25 Nov, 2013 | 19:55

Updated At-29 Apr, 2026 | 01:13

Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.8	HIGH	AV:N/AC:L/Au:N/C:C/I:N/A:N

Type: Primary

Version: 2.0

Base score: 7.8

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:C/I:N/A:N

CPE Matches

gummybearstudios>>ftp_drive_\+_http_server>>Versions up to 1.0.4(inclusive)

cpe:2.3:a:gummybearstudios:ftp_drive_\+_http_server:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-22	Primary	nvd@nist.gov

CWE ID: CWE-22

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/89161	cve@mitre.org	N/A
https://www.trustwave.com/spiderlabs/advisories/TWSL2013-032.txt	cve@mitre.org	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/89161	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.trustwave.com/spiderlabs/advisories/TWSL2013-032.txt	af854a3a-2127-422b-91ae-364da2661108	Exploit