module
Mutiny 5 Arbitrary File Read and Delete
| Disclosed | Created |
|---|---|
| 2013-05-15 | 2018-05-30 |
Disclosed
2013-05-15
Created
2018-05-30
Description
This module exploits the EditDocument servlet from the frontend on the Mutiny 5
appliance. The EditDocument servlet provides file operations, such as copy and
delete, which are affected by a directory traversal vulnerability. Because of this,
any authenticated frontend user can read and delete arbitrary files from the system
with root privileges. In order to exploit the vulnerability a valid user (any role)
in the web frontend is required. The module has been tested successfully on the
Mutiny 5.0-1.07 appliance.
appliance. The EditDocument servlet provides file operations, such as copy and
delete, which are affected by a directory traversal vulnerability. Because of this,
any authenticated frontend user can read and delete arbitrary files from the system
with root privileges. In order to exploit the vulnerability a valid user (any role)
in the web frontend is required. The module has been tested successfully on the
Mutiny 5.0-1.07 appliance.
Author
juan vazquez juan.vazquez@metasploit.com
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.