Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-2657 — Path Traversal in Zenworks Configuration Management

CWE-22 — Path Traversal4 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

69.9%

top 1.33%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Novell Zenworks Configuration Management

Timeline

PublishedJul 26

Latest updateMay 17

Description

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDnovell/zenworks_configuration_management10.2, 10.3, 11+2

Patches

Patch: www.novell.com ↗Patch: www.novell.com ↗

🔴Vulnerability Details

GHSA

GHSA-vxmq-5cqr-pqj8: Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp↗2022-05-17

▶

CVEList

CVE-2011-2657: Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp↗2012-07-26

▶

💥Exploits & PoCs

Exploit-DB

AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit)↗2012-07-11

▶