Main Vulnerability Database Exploits ID:4571 - Exploit for Path traversal in openSIS - CVE-2020-13383

ID:4571 - Exploit for Path traversal in openSIS - CVE-2020-13383

Published: September 2, 2020

Vulnerability identifier: #VU46212

Vulnerability risk: Medium

CVE-ID: CVE-2020-13383

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
openSIS

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/unix/webapp/opensis_chain_exec

Vulnerability description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:4571 - Exploit for Path traversal in openSIS - CVE-2020-13383

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human