CVE-2018-25421

Open STA Manager 2.3 Arbitrary File Download via Path Traversal

CVSS 7.1 HIGHEPSS 0.3%CWE-22

Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules/backup/actions.php with op=getfile and traverse directories using ../ sequences to access sensitive system files.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

Openstamanager · Open STA Manager

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/45693unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://sourceforge.net/projects/openstamanager/files/latest/download https://www.exploit-db.com/exploits/45693 https://www.vulncheck.com/advisories/open-sta-manager-arbitrary-file-download-via-path-traversal http://www.openstamanager.com/