module
Cisco Prime Infrastructure Health Monitor TarArchive Directory Traversal Vulnerability
| Disclosed | Created |
|---|---|
| 2019-05-15 | 2019-06-26 |
Disclosed
2019-05-15
Created
2019-06-26
Description
This module exploits a vulnerability found in Cisco Prime Infrastructure. The issue is that
the TarArchive Java class the HA Health Monitor component uses does not check for any
directory traversals while unpacking a Tar file, which can be abused by a remote user to
leverage the UploadServlet class to upload a JSP payload to the Apache Tomcat's web apps
directory, and gain arbitrary remote code execution. Note that authentication is not
required to exploit this vulnerability.
the TarArchive Java class the HA Health Monitor component uses does not check for any
directory traversals while unpacking a Tar file, which can be abused by a remote user to
leverage the UploadServlet class to upload a JSP payload to the Apache Tomcat's web apps
directory, and gain arbitrary remote code execution. Note that authentication is not
required to exploit this vulnerability.
Authors
Steven Seeley
sinn3r sinn3r@metasploit.com
sinn3r sinn3r@metasploit.com
Platform
Linux
Architectures
x86
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.