What is CVE-2013-10063?

CVE-2013-10063 is a vulnerability in Netgear Sph200d, classified under Path Traversal. Published 2025-08-01.

Is CVE-2013-10063 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Netgear Sph200d

CVE-2013-10063

A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by i…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.739 (98.8th percentile) — read the EPSS interpretation.

Affected products

Netgear Sph200d — versions 0

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

rapid7/metasploit-framework

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/… (exploit)
www.exploit-db.com/exploits/24441 (exploit)
web.archive.org/web/20130207034706/http://www.s3cur1ty.de/m1adv2013-002 (technical-description, exploit)
www.vulncheck.com/advisories/netgear-sph200d-path-traversal-via-http-get (third-party-advisory)

Frequently asked questions

What is CVE-2013-10063?: CVE-2013-10063 is a vulnerability in Netgear Sph200d, classified under Path Traversal. Published 2025-08-01.
Is CVE-2013-10063 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.