header-logo
Suggest Exploit
vendor:
Web-Based Admin View
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Web-Based Admin View
Affected Version From: 2.1.2002
Affected Version To: 2.1.2002
Patch Exists: YES
Related CWE: N/A
CPE: a:fujitsu:web-based_admin_view
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Fujitsu Web-Based Admin View Directory Traversal Vulnerability

Fujitsu Web-Based Admin View is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the application's HTTP server. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/30780/info

Fujitsu Web-Based Admin View is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the application's HTTP server.

Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks.

Web-Based Admin View 2.1.2 is vulnerable; other versions may also be affected.


The following example is available:

GET /.././.././.././.././.././.././.././.././.././etc/passwd HTTP/1.0
Host: www.example.com:8081

Navigation

Suggest Exploit

Services By CQR