Main Vulnerability Database Exploits ID:6194 - Exploit for Path traversal in IPConfigure Orchid - CVE-2018-10956

ID:6194 - Exploit for Path traversal in IPConfigure Orchid - CVE-2018-10956

Published: June 17, 2021

Vulnerability identifier: #VU13899

Vulnerability risk: Low

CVE-ID: CVE-2018-10956

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
IPConfigure Orchid

Link to public exploit:

https://www.exploit-db.com/exploits/44916/

Vulnerability description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to path traversal. A remote attacker can send specially crafted GET requests, conduct directory traversal attack and read arbitrary files outside of the applications web directory.

Remediation

Update to version 2.0.6.

ID:6194 - Exploit for Path traversal in IPConfigure Orchid - CVE-2018-10956

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human