Main Vulnerability Database Exploits ID:3988 - Exploit for Path traversal in Cobbler - CVE-2014-3225

ID:3988 - Exploit for Path traversal in Cobbler - CVE-2014-3225

Published: August 11, 2020

Vulnerability identifier: #VU41683

Vulnerability risk: Low

CVE-ID: CVE-2014-3225

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
Cobbler

Link to public exploit:

https://www.exploit-db.com/exploits/33252/

Vulnerability description

The vulnerability allows a remote #AU# to gain access to sensitive information.

Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.

Remediation

Install update from vendor's website.

ID:3988 - Exploit for Path traversal in Cobbler - CVE-2014-3225

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human