cbcvebase.
CVE-2008-5518
published 2009-04-17

CVE-2008-5518: Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote…

PriorityP263critical9.4CVSS 2.0
AVNACLAuNCCICAN
EXPLOIT
EPSS
35.93%
98.3th percentile
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet.

Affected

4 ranges
VendorProductVersion rangeFixed in
apachegeronimo
apachegeronimo
apachegeronimo
apachegeronimo

Detection & IOCsextracted from sources · hover to see the quote

url/console/portal//Services/Repository
url/console/portal/Embedded DB/DB Manager
url/console/portal//Security/Keystores/__pm0x3console-base0x2Keystores!824133314|0_view/__rp0x3console-base0x2Keystores!824133314|0_mode/createKeystore
  • Monitor HTTP requests to /console/portal//Services/Repository for directory traversal sequences in the 'group', 'artifact', 'version', or 'fileType' parameters.
  • Monitor HTTP requests to /console/portal/Embedded DB/DB Manager for directory traversal sequences in the 'createDB' parameter.
  • Monitor HTTP requests to the createKeystore script endpoint for directory traversal sequences in the 'filename' parameter.
  • This vulnerability is Windows-specific; directory traversal file upload attacks via the Geronimo admin console only affect Windows deployments.
  • ·Vulnerability only affects Apache Geronimo versions 2.1 through 2.1.3 running on Windows; fixed in 2.1.4.
  • ·Only deployments that include the administration web console are affected; undeploying the console is a valid workaround.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.