CVE-2017-12637

CVSS 7.5 HIGH · EPSS 94.6% · KEV · CWE-22
In short

A flaw in SAP NetWeaver allows attackers to read any file on the server by using special path sequences (like ../) in web requests. This exposes sensitive information stored on the server.

Technical detail

Directory traversal vulnerability in the scheduler UI JavaScript component (CWE-22) permits unauthenticated remote attackers to traverse the file system and read arbitrary files by injecting path traversal sequences in the query string. No authentication or special conditions are required; successful exploitation results in unauthorized information disclosure.

Summary generated and translated by AI from the official description.
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
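
A log-review check for the request pattern in the description above, as an added example (not SAP's code and not part of the original page). It assumes access logs in Common Log Format, for instance from a reverse proxy in front of the AS Java instance; the sample lines are constructed and the function names are hypothetical.

```python
import re
from urllib.parse import unquote

# Component path from the CVE description. The hash-like segment is matched
# loosely; that it can differ between builds is an assumption.
TARGET = re.compile(r"/scheduler/ui/js/[^/]+/UIUtilJavaScriptJS", re.I)
# Request field of a Common Log Format line: "METHOD URI PROTOCOL" STATUS
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so %2e%2e and %252e%252e both become '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal_attempt(uri):
    """True when the affected component is requested with '..' in the query."""
    path, _, query = uri.partition("?")
    if not TARGET.search(fully_decode(path)):
        return False
    return ".." in fully_decode(query)

def scan(lines):
    """Return (client, status, uri) for each matching request."""
    hits = []
    for line in lines:
        m = REQUEST.search(line)
        if m and is_traversal_attempt(m["uri"]):
            hits.append((line.split()[0], int(m["status"]), m["uri"]))
    return hits

# Constructed sample lines (documentation IP ranges, placeholder file name).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/../placeholder.txt HTTP/1.1" 200 2048',
    '198.51.100.7 - - [01/Jan/2024:10:00:06 +0000] "GET /scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?%252e%252e/placeholder.txt HTTP/1.1" 404 0',
    '203.0.113.5 - - [01/Jan/2024:10:00:09 +0000] "GET /index.html?next=../home HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for client, status, uri in scan(SAMPLE_LOG):
        # A 200 on a matching request is the case to triage first.
        print(f"{client} status={status} {uri}")
```

A hit answered with status 200 indicates the server returned content for the request and should be prioritised over hits that were rejected.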
Affected products
n/a · n/a