- Home
- CVEs with metasploit.description==This module exploits the EditDocument servlet from the frontend on the Mutiny 5 appliance. The EditDocument servlet provides file operations, such as copy and delete, which are affected by a directory traversal vulnerability. Because of this, any authenticated frontend user can read and delete arbitrary files from the system with root privileges. In order to exploit the vulnerability a valid user (any role) in the web frontend is required. The module has been tested successfully on the Mutiny 5.0-1.07 appliance.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top