VM Turbo Operations Manager 4.5x - Directory Traversal

ID EDB-ID:33334
Type exploitdb
Reporter Jamal Pecou
Modified 2014-05-12T00:00:00


VM Turbo Operations Manager 4.5x - Directory Traversal. CVE-2014-3806. Webapps exploit for cgi platform

                                            Product: VM Turbo Operations Manager
Vendor: VM Turbo
Vulnerable Version(s): 4.5.x earlier
Tested Version: 4.0
Advisory Publication: April 11, 2014 
Vendor Notification: April 11, 2014 
Public Disclosure: May 8, 2014 
Vulnerability Type: Directory Traversal

Discovered and Provided: (Jamal Pecou) Security Focus ( https://www.securityfocus.com/ )


Advisory Details:

A vulnerability affecting “/cgi-bin/help/doIt.cgi" in VM Turbo Operations Manager allows directory traversal when the URL encoded POST input “xml_path” was set to “../../../../../../../../../../etc/passwd” we could see the contents of this file. 

The following exploitation example displays the contents of /etc/passwd




 The vendor has released a fix for this vulnerability in version 4.6.


[1] https://support.vmturbo.com/hc/en-us/articles/203170127-VMTurbo-Operations-Manager-v4-6-Announcement