CVE-2019-20085

CVSS 7.5 HIGHEPSS 96.1%● KEVCWE-22

In short

TVT NVMS-1000 devices have a directory traversal vulnerability that allows attackers to access files outside the intended directory by using special path sequences in web requests. This lets unauthorized users view sensitive system files and configuration data.

Technical detail

The NVMS-1000 web interface fails to properly validate GET request paths, allowing directory traversal via path traversal sequences (../) to escape the intended root directory (CWE-22). An unauthenticated remote attacker can exploit this to read arbitrary files with application privileges, potentially exposing credentials and system configuration.

Summary generated and translated by AI from the official description.

TVT NVMS-1000 devices allow GET /.. Directory Traversal

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

n/a · n/a

public PoCs found — 6

githubgithub.com/AleDiBen/NVMS1000-Exploit★ 6 githubgithub.com/0hmsec/NVMS-1000-Directory-Traversal-Bash★ 0 githubgithub.com/Z3R0space/CVE-2019-20085★ 0 cve_referencepacketstormsecurity.com/files/157196/TVT-NVMS-1000-Directory-Traversal.htmlunverified cve_referencewww.exploit-db.com/exploits/47774unverified exploitdbwww.exploit-db.com/exploits/48311unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/157196/TVT-NVMS-1000-Directory-Traversal.html https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-20085 https://www.exploit-db.com/exploits/47774