← voltar
CVE-2018-10201

CVE-2018-10201

EPSS 46.1%
An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible to read arbitrary files outside the root directory of the web server. This vulnerability could be exploited remotely by a crafted URL without credentials, with .../ or ...\ or ..../ or ....\ as a directory-traversal pattern to TCP port 8667.
Produtos afetados
n/a · n/a
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/44497/não verificadoexploitdbwww.exploit-db.com/exploits/44497não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.ncomputing.com/portal/kb/articles/ncomputing-health-monitor-server-vulnerability-patchhttps://www.exploit-db.com/exploits/44497/https://www.kwell.net/kwell/index.php?option=com_newsfeeds&view=newsfeed&id=15&Itemid=173&lang=eshttp://www.kwell.net/kwell_blog/?p=5199