← back
CVE-2018-10201

CVE-2018-10201

EPSS 46.1%
An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible to read arbitrary files outside the root directory of the web server. This vulnerability could be exploited remotely by a crafted URL without credentials, with .../ or ...\ or ..../ or ....\ as a directory-traversal pattern to TCP port 8667.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44497/unverifiedexploitdbwww.exploit-db.com/exploits/44497unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.ncomputing.com/portal/kb/articles/ncomputing-health-monitor-server-vulnerability-patchhttps://www.exploit-db.com/exploits/44497/https://www.kwell.net/kwell/index.php?option=com_newsfeeds&view=newsfeed&id=15&Itemid=173&lang=eshttp://www.kwell.net/kwell_blog/?p=5199