Vendor: Xivo
By: Mr.Un1k0d3r
CVSS: 7.5 (HIGH)
Vulnerability Type: Arbitrary File Download
CWE: 22 (Path Traversal)
Product Name: Xivo
Affected Version From: 1.2
Affected Version To: 1.2
Patch Exists: YES
Related CWE: N/A
CPE: a:xivo:xivo
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux xivo 2.6.32-5-486
Year: 2012
Xivo 1.2 Arbitrary File Download under root privileges
Through the web interface of Xivo 1.2, an attacker can download arbitrary files from the underlying system (CWE-22, path traversal): the file name requested from the interface is not confined to the directory the download feature is meant to serve. Because the web application runs with root privileges, there is no file on the host it cannot read, so the attacker can retrieve configuration files containing clear-text passwords, /etc/passwd, /etc/shadow and many more. The two defects compound each other: the traversal alone would be limited to what the web server's user can read, and running as root alone would be harmless without a way to name files outside the intended directory.
Mitigation:
The vulnerability is fixed in the patched release of Xivo 1.2; update to it. The issue is tracked at https://projects.xivo.fr/issues/3912 and the fix is the commit at http://git.xivo.fr/?p=official/xivo-skaro.git;a=commit;h=127ab43e6d8e8ed94f16ff388fb62fd611a40e19. Independently of the patch, the web application should not run as root: serve it from an unprivileged account so that a future bypass of the path check is limited to files that account can read.
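The following is an added example illustrating the traversal pattern described above and the containment check that fixes it. It is not Xivo's code: the page does not name the affected endpoint, its parameter, or the directory it serves from, so the handler, the BASE_DIR value, and the requested file names are all hypothetical. Python is used for illustration only; the same check applies whatever language the web interface is written in.

```python
import os

# Hypothetical directory a download handler is meant to serve from.
# Assumption for this example; the page does not describe Xivo's file layout.
BASE_DIR = "/srv/xivo/downloads"


def vulnerable_download_path(requested: str, base_dir: str = BASE_DIR) -> str:
    """The CWE-22 pattern: the user-supplied name is joined to the base
    directory with no containment check. Two things go wrong:
      - "../" segments walk out of base_dir once the path is normalised;
      - os.path.join drops base_dir entirely when `requested` is absolute.
    Served by a process running as root, this reads any file on the host."""
    return os.path.normpath(os.path.join(base_dir, requested))


def safe_download_path(requested: str, base_dir: str = BASE_DIR):
    """Hardened resolution. Returns (allowed, resolved_path).

    Rejects empty names, NUL bytes and absolute paths up front, then
    canonicalises the candidate (resolving symlinks as well as "..") and
    requires it to remain under the canonical base directory."""
    if not requested or "\x00" in requested or os.path.isabs(requested):
        return False, ""
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath compares whole path components, so a sibling such as
    # /srv/xivo/downloads-evil is not mistaken for a child of the base.
    if os.path.commonpath([base, candidate]) != base:
        return False, ""
    return True, candidate


if __name__ == "__main__":
    # Constructed sample requests: one legitimate name and three escapes.
    samples = [
        "reports/cdr-2012.csv",
        "../../../etc/shadow",
        "/etc/passwd",
        "../downloads-evil/secret",
    ]
    for name in samples:
        allowed, resolved = safe_download_path(name)
        print(f"{name!r:32} vulnerable -> {vulnerable_download_path(name)}")
        print(f"{'':32} hardened   -> {'ALLOW ' + resolved if allowed else 'DENY'}")
```

The hardened function only limits which paths are handed to the file-serving code; it does nothing about the second half of the advisory, the root privileges. Run the web application as an unprivileged user that owns nothing but the download directory, so that even a check that is later found to be bypassable cannot reach /etc/shadow.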