Main Vulnerability Database Exploits ID:6004 - Exploit for Path traversal in LibreOffice - CVE-2018-16858

ID:6004 - Exploit for Path traversal in LibreOffice - CVE-2018-16858

Published: June 17, 2021

Vulnerability identifier: #VU17362

Vulnerability risk: High

CVE-ID: CVE-2018-16858

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
LibreOffice

Link to public exploit:

https://www.exploit-db.com/exploits/47298/

Vulnerability description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error. A remote attacker can trick the victim into opening a specially crafted Office file, conduct path traversal attack and execute a python method from a script in any arbitrary file system location

Remediation

The vulnerability has been addressed in the versions 6.0.7, 6.1.3.

ID:6004 - Exploit for Path traversal in LibreOffice - CVE-2018-16858

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human