📄 Repetier-Server 1.4.10 Path Traversal

Repetier-Server versions 1.4.10 and below suffer from a path traversal vulnerability. Exploit Title: Repetier-Server 1.4.10 - Path Traversal Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://www.repetier.com/ Version: str: return "..%5c" depth def attemptreadtargeturl: str,...

Repetier-Server 1.4.10 - Path Traversal

Exploit Title: Repetier-Server 1.4.10 - Path Traversal Exploit Author: Mohammed Idrees Banyamer Vendor Homepage: https://www.repetier.com/ Version: str: return "..%5c" depth def attemptreadtargeturl: str, filepath: str, traversaldepth: int = 15, timeout: int = 10 - bool: traversal =...

Exploit for Path Traversal in Repetier-Server

Repetier-Server |HTTP request with ..%5c traversal| BRepetier...

CVE-2023-31059

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...

CVE-2023-31060

Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...

CVE-2023-31061

Repetier Server through 1.4.10 does not have CSRF protection...

EUVD-2023-35393

Malicious code in bioql PyPI...

EUVD-2023-35394

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2023-31059

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...

CVE-2023-31059

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...

CVE-2023-31060

Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...

CVE-2023-31061

Repetier Server through 1.4.10 does not have CSRF protection...

CVE-2023-31059

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...

CVE-2023-31060

Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...

CVE-2023-31061

Repetier Server through 1.4.10 does not have CSRF protection...

Directory traversal

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...

Design/Logic Flaw

Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...

Cross site request forgery (csrf)

Repetier Server through 1.4.10 does not have CSRF protection...

PT-2023-23125 · Unknown · Repetier Server

Name of the Vulnerable Software and Affected Versions: Repetier Server versions prior to 1.4.11 Description: The issue allows directory traversal for reading files that contain credentials. This can be demonstrated by accessing the connectionLost.php file. It is estimated that about 1,766 devices...

CVE-2023-31059

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...