Posts Tagged ‘traversal’

Cloudview NMS 2.00b Writable Directory Traversal Execution

This Metasploit module exploits a vulnerability found in Cloudview NMS server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context ‘SYSTEM’. Source: Cloudview NMS 2.00b Writable Directory Traversal Execution


Advantech SUSIAccess 3.0 Directory Traversal / Information Disclosure

This Metasploit module exploits an information disclosure vulnerability found in Advantech SUSIAccess versions 3.0 and below. The vulnerability is triggered when sending a GET request to the server with a series of dot dot slashes (../) in the file parameter. Source: Advantech SUSIAccess 3.0 Directory Traversal / Information Disclosure